XEN Hypervisor vCPU Page-Table Switch Flaw Mapcache Corruption
CVE-2026-42488 Published on June 18, 2026

x86: mismatched mapcache metadata
Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache.

NVD

Vulnerability Analysis

CVE-2026-42488 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2026-42488 has been classified to as a Buffer Overflow vulnerability or weakness.

Products Associated with CVE-2026-42488

Want to know whenever a new CVE is published for Citrix Xen Xen? stack.watch will email you.

Citrix Xen Xen

Affected Versions

Xen Version consult Xen advisory XSA-494 is unknown by CVE-2026-42488

XEN Hypervisor vCPU Page-Table Switch Flaw Mapcache CorruptionCVE-2026-42488 Published on June 18, 2026

Vulnerability Analysis

Weakness Type

What is a Buffer Overflow Vulnerability?

Products Associated with CVE-2026-42488

Affected Versions

XEN Hypervisor vCPU Page-Table Switch Flaw Mapcache Corruption
CVE-2026-42488 Published on June 18, 2026