Alpine: multiple xen packages: security update to 4.18.5-r3

high Tenable Self-Hosted Container Security Plugin ID 435782

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities
correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of
three formats. Xen has boundary checking bugs with all three formats, which can cause out-of-bounds reads
and writes while processing the inputs. * CVE-2025-58147. Hypercalls using the HV_VP_SET Sparse format can
cause vpmask_set() to write out of bounds when converting the bitmap to Xen's format. * CVE-2025-58148.
Hypercalls using any input format can cause send_ipi() to read d->vcpu[] out-of-bounds, and operate on a
wild vCPU pointer. (CVE-2025-58147, CVE-2025-58148)

- When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit
memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when
such device is no longer assigned to the domain. For PV domains the permission leak allows the domain
itself to map the memory in the page-tables. For HVM it would require a compromised device model or
stubdomain to map the leaked memory into the HVM domain p2m. (CVE-2025-58149)

See Also

https://security.alpinelinux.org/vuln/CVE-2025-58147

https://security.alpinelinux.org/vuln/CVE-2025-58148

https://security.alpinelinux.org/vuln/CVE-2025-58149

Plugin Details

Severity: High

ID: 435782

Version: Revision 1.10

Type: Local

Published: 10/24/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.67

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2025-58148

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2025-58149

Vulnerability Information

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2025-58147, CVE-2025-58148, CVE-2025-58149

IAVB: 2025-B-0113