Vulnerability Database

322,129

Total vulnerabilities in the database

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider:

vCPU runs on CPU A, running task 1.
vCPU moves to CPU B, idle gets scheduled on A. Xen skips IBPB.
On CPU B, guest kernel switches from task 1 to 2, issuing IBPB.
vCPU moves back to CPU A. Xen skips IBPB again.

Now, task 2 is running on CPU A with task 1's training still in the BTB.

Published: Jan 28, 2026
Updated: Jan 29, 2026
CVE: CVE-2026-23553
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.9
AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

Affected Software
References

Software	From	Fixed in
xen / xen	4.6.0	4.6.0.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo