PT-2025-44620 · Libxl+1
Jiqian Chen · Published 2025-10-31 · Updated 2026-02-05 · CVE-2025-58149
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
libxl (affected versions not specified)
Description
The detach logic in libxl does not remove access permissions to 64-bit memory BARs when passing through PCI devices. As a result, a domain can retain access to these memory BARs even after the device is no longer assigned to it. For paravirtualized (PV) domains, this permission leak allows the domain itself to map the memory in its page tables. For Hardware Virtual Machine (HVM) domains, exploitation would require a compromised device model or stubdomain to map the leaked memory into the HVM domain’s page map tables.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Access Control
Related Identifiers
Affected Products
Debian
Libxl