Xen 4.1.5

Xen 4.1.5 is a maintenance release in the 4.1 series and contains: We recommend that all users of Xen 4.1.4 upgrade to Xen 4.1.5.

  • This release fixes the following critical vulnerabilities:
    • CVE-2012-5634 / XSA-33: VT-d interrupt remapping source validation flaw
    • CVE-2013-0153 / XSA-36: interrupt remap entries shared and old ones not cleared on AMD IOMMUs
    • CVE-2013-0215 / XSA-38: oxenstored incorrect handling of certain Xenbus ring states
    • CVE-2012-6075 / XSA-41: qemu (e1000 device driver): Buffer overflow when processing large packets
    • CVE-2013-1917 / XSA-44: Xen PV DoS vulnerability with SYSENTER
    • CVE-2013-1919 / XSA-46: Several access permission issues with IRQs for unprivileged guests
    • CVE-2013-1920 / XSA-47: Potential use of freed memory in event channel operations
    • CVE-2013-1964 / XSA-50: grant table hypercall acquire/release imbalance
  • This release contains many bug fixes and improvements (around 50 since Xen 4.1.4). The highlights are:
    • ACPI APEI/ERST finally working on production systems
    • Bug fixes for other low level system state handling
    • Support for xz compressed Dom0 and DomU kernels

You can also get this release from the git repository: git://xenbits.xen.org/xen.git (tag RELEASE-4.1.5)

Release information for other releases in the Xen 4.1 series

Documents

Xen 4.1.5

Xen 4.1.5 (hypervisor and tools) official source distribution