diff --git a/pkgs/build-support/xen/default.nix b/pkgs/build-support/xen/default.nix
index 9964f0386f6e..92899e44e8ed 100644
--- a/pkgs/build-support/xen/default.nix
+++ b/pkgs/build-support/xen/default.nix
@@ -119,6 +119,7 @@ let
 XSA_460
 XSA_461
 XSA_462
+ XSA_464
 ]
 );
diff --git a/pkgs/build-support/xen/patches.nix b/pkgs/build-support/xen/patches.nix
index 7b8395154f28..b630a6a63a8d 100644
--- a/pkgs/build-support/xen/patches.nix
+++ b/pkgs/build-support/xen/patches.nix
@@ -153,4 +153,17 @@ in
 cve = [ "CVE-2024-45817" ];
 hash = "sha256-01lzjaT2f69UfEdTUCkm92DDOmd+Mo8sNPZsHJfgJEM=";
 };
+ "XSA_464" = xsaPatch {
+ id = "464";
+ title = "libxl leaks data to PVH guests via ACPI tables";
+ description = ''
+ PVH guests have their ACPI tables constructed by the toolstack. The
+ construction involves building the tables in local memory, which are
+ then copied into guest memory. While actually used parts of the local
+ memory are filled in correctly, excess space that is being allocated is
+ left with its prior contents.
+ '';
+ cve = [ "CVE-2024-45819" ];
+ hash = "sha256-oQa4NuX4Y1hhfnqHV6kvsJZiQ/NAz/WwO0Kidbcyayc=";
+ };
 }
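Review bot: The `description` of the new `"XSA_464"` entry in patches.nix stops at the mechanism and never states the consequence, so a reader of the package metadata has to infer from the title that the stale buffer contents end up readable by the guest. I would append one sentence before the closing `''`, for example `The stale contents are copied into the PVH guest together with the tables, so the guest can read leftover toolstack memory.` That also makes it clear the issue only matters for hosts running PVH guests created through libxl. Only this one entry is visible in the hunk, so whether the neighbouring XSA entries word their impact the same way cannot be checked from here.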