CVE-2026-23554 in Xen정보

요약

\~에 의해 MITRE • 2026. 03. 23.

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush.

Freeing of paging structures however is not deferred until the flushing is done, and can result in freed pages transiently being present in cached state. Such stale entries can point to memory ranges not owned by the guest, thus allowing access to unintended memory regions.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

공개

2026. 03. 23.

모더레이션

수락

항목

VDB-351512

CPE

준비됨

CWE

CWE-416 (확인됨)

CVSS

8.0 (VulDB)

EPSS

0.00005

KEV

아니요

활동

매우 낮음

부문

Education, Industry, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-23554
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-23554
CVE Details	https://www.cvedetails.com/cve/CVE-2026-23554/

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!