Xen 4.1.5

Xen 4.1.5 is a maintenance release in the 4.1 series and contains: We recommend that all users of Xen 4.1.4 upgrade to Xen 4.1.5.

  • This release fixes the following critical vulnerabilities:
    • CVE-2012-5634 / XSA-33: VT-d interrupt remapping source validation flaw
    • CVE-2013-0153 / XSA-36: interrupt remap entries shared and old ones not cleared on AMD IOMMUs
    • CVE-2013-0215 / XSA-38: oxenstored incorrect handling of certain Xenbus ring states
    • CVE-2012-6075 / XSA-41: qemu (e1000 device driver): Buffer overflow when processing large packets
    • CVE-2013-1917 / XSA-44: Xen PV DoS vulnerability with SYSENTER
    • CVE-2013-1919 / XSA-46: Several access permission issues with IRQs for unprivileged guests
    • CVE-2013-1920 / XSA-47: Potential use of freed memory in event channel operations
    • CVE-2013-1964 / XSA-50: grant table hypercall acquire/release imbalance
  • This release contains many bug fixes and improvements (around 50 since Xen 4.1.4). The highlights are:
    • ACPI APEI/ERST finally working on production systems
    • Bug fixes for other low level system state handling
    • Support for xz compressed Dom0 and DomU kernels

You can also get this release from the git repository: git://xenbits.xen.org/xen.git (tag RELEASE-4.1.5)

Release information for other releases in the Xen 4.1 series

Documents

Created Date Thursday, 25 April 2013

Xen 4.1.5

Xen 4.1.5 (hypervisor and tools) official source distribution

Created Date Thursday, 25 April 2013

Xen 4.1.5 Signature