Xen Project 4.11.4

We are pleased to announce the release of Xen 4.11.4. It is available immediately from its git repository (branch stable-4.11, tag RELEASE-4.11.4) or from this download page.

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 96a8b5bc48: update Xen version to 4.11.4 [Jan Beulich]
  • d353f82b2e: gnttab: fix GNTTABOP_copy continuation handling [Jan Beulich]
  • 52da38987a: xen/gnttab: Fix error path in map_grant_ref() [Ross Lagerwall]
  • d430e15e02: xen/rwlock: Add missing memory barrier in the unlock path of rwlock [Julien Grall]
  • 7900cb7c18: xenoprof: limit consumption of shared buffer data [Jan Beulich]
  • 06a5a277c7: xenoprof: clear buffer intended to be shared with guests [Jan Beulich]
  • affb032b9b: credit2: fix credit reset happening too few times [Dario Faggioli]
  • 5adb81ae7b: credit2: avoid vCPUs to ever reach lower credits than idle [Dario Faggioli]
  • 4b4ec47973: x86/ucode/amd: Fix more potential buffer overruns with microcode parsing [Andrew Cooper]
  • 8f51dad75b: x86/HVM: fix AMD ECS handling for Fam10 [Jan Beulich]
  • 09508fda40: x86/ucode/amd: Fix potential buffer overrun with equiv table handling [Andrew Cooper]
  • ac3b39ce83: x86/ucode: Fix error paths in apply_microcode() [Andrew Cooper]
  • 480d9b4784: x86/shim: fix ballooning up the guest [Igor Druzhinin]
  • dfcd120e81: x86/vPMU: don’t blindly assume IA32_PERF_CAPABILITIES MSR exists [Jan Beulich]
  • 696d142276: AMD/IOMMU: fix off-by-one in amd_iommu_get_paging_mode() callers [Jan Beulich]
  • 6bc54c0696: x86/msr: Virtualise MSR_PLATFORM_ID properly [Andrew Cooper]
  • f9e2a60b39: VT-d: check all of an RMRR for being E820-reserved [Jan Beulich]
  • 98cf186a3e: x86/time: report correct frequency of Xen PV clocksource [Igor Druzhinin]
  • a12c52d18c: x86/shim: suspend and resume platform time correctly [Igor Druzhinin]
  • 21fc266776: x86/smp: reset x2apic_enabled in smp_send_stop() [David Woodhouse]
  • 722458767a: xen/pvh: Fix segment selector ABI [Andrew Cooper]
  • 2ffed5c92f: xmalloc: guard against integer overflow [Jan Beulich]
  • 8348cc77e6: EFI: don’t leak heap contents through XEN_EFI_get_next_variable_name [Jan Beulich]
  • a4f502e030: EFI: re-check {get,set}-variable name strings after copying in [Jan Beulich]
  • 5abd261189: xen/x86: domctl: Don’t leak data via XEN_DOMCTL_gethvmcontext [Julien Grall]
  • b187c14ada: x86/suspend: disable watchdog before calling console_start_sync() [Igor Druzhinin]
  • 8fa29762bc: x86/apic: fix disabling LVT0 in disconnect_bsp_APIC [Roger Pau Monné]
  • 9e48fafe4d: VT-d: don’t pass bridge devices to domain_context_mapping_one() [Jan Beulich]
  • 888a7da8c9: x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD [Igor Druzhinin]
  • 06adda76b6: x86/time: update TSC stamp on restore from deep C-state [Igor Druzhinin]
  • 346eae8ed9: IRQ: u16 is too narrow for an event channel number [Jan Beulich]
  • 0e126ccb0c: x86: clear per cpu stub page information in cpu_smpboot_free() [Juergen Gross]
  • ddffc4d8a0: xen/arm: Place a speculation barrier sequence following an eret instruction [Julien Grall]
  • 14b62ab3e5: lz4: fix system halt at boot kernel on x86_64 [Krzysztof Kolasa]
  • 6561994b87: lz4: refine commit 9143a6c55ef7 for the 64-bit case [Jan Beulich]
  • f562c6bb93: x86/tlbflush: do not toggle the PGE CR4 bit unless necessary [Roger Pau Monné]
  • d35cbee6e1: x86: avoid HPET use on certain Intel platforms [Jan Beulich]
  • 85e047d388: gnttab: make sure grant map operations don’t skip their IOMMU part [Jan Beulich]
  • d9dd8639e0: x86/psr: fix bug which may cause crash [Yi Sun]
  • 0e5be46076: x86 / iommu: set up a scratch page in the quarantine domain [Paul Durrant]
  • 146d5bde67: xen/x86: vpmu: Unmap per-vCPU PMU page when the domain is destroyed [Julien Grall]
  • 81bd09fc7c: x86/svm: Write the correct %eip into the outgoing task [Andrew Cooper]
  • b9527ec8f3: x86/svm: Always intercept ICEBP [Andrew Cooper]
  • d6272494bd: x86/vtx: Fix fault semantics for early task switch failures [Andrew Cooper]
  • d397a5a31a: x86/vmx: always sync PIR to IRR before vmentry [Roger Pau Monné]
  • 6a4006708f: x86/domctl: have XEN_DOMCTL_getpageframeinfo3 preemptible [Anthony PERARD]
  • a700446b70: x86/tss: Fix clang build following c/s 7888440625 [Andrew Cooper]
  • 0d91d9decb: x86: Don’t increase ApicIdCoreSize past 7 [George Dunlap]
  • 005c9b8bb5: AMD/IOMMU: Cease using a dynamic height for the IOMMU pagetables [Andrew Cooper]
  • 1432cd5320: x86/mm: relinquish_memory: Grab an extra type ref when setting PGT_partial [George Dunlap]
  • 608be81790: x86/mm: alloc/free_lN_table: Retain partial_flags on -EINTR [George Dunlap]
  • d81c7114a4: x86/mm: Set old_guest_table when destroying vcpu pagetables [George Dunlap]
  • 3d2cc67c46: x86/mm: Don’t reset linear_pt_count on partial validation [George Dunlap]
  • d4a67be45f: x86/vtx: Work around SingleStep + STI/MovSS VMEntry failures [Andrew Cooper]
  • b8a8278277: x86+Arm32: make find_next_{,zero_}bit() have well defined behavior [Jan Beulich]
  • 06555fdec4: update Xen version to 4.11.4-pre [Jan Beulich]
  • 239d37e514: xen:arm: Populate arm64 image header [Amit Singh Tomar]

In addition, this release also contains the following fixes to qemu-traditional:

This release also contains changes to qemu-upstream. We do not list its changelog here, as it contains many changes that are not directly related to the Xen Project Hypervisor and thus to this release. However, you can check the git shortlog (between tags qemu-xen-4.11.3 and qemu-xen-4.11.4).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes. 

XSA      Xen      qemu-traditional  qemu-upstream
XSA-307  Applied  N/A               N/A
XSA-308  Applied  N/A               N/A
XSA-309  Applied  N/A               N/A
XSA-310  Applied  N/A               N/A
XSA-311  Applied  N/A               N/A
XSA-312  Applied  N/A               N/A
XSA-313  Applied  N/A               N/A
XSA-314  Applied  N/A               N/A
XSA-316  Applied  N/A               N/A
XSA-318  Applied  N/A               N/A

See the Xen Project security advisories for details.

We recommend that all users of the 4.11 stable series update to this latest point release.