Xen Project 4.4.2
We are pleased to announce the release of Xen 4.4.2. It is available immediately from its git repository
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4 (tag RELEASE-4.4.2) or from this download page.
This release fixes the following critical vulnerabilities:
CVE-2014-5146, CVE-2014-5149 / XSA-97: Long latency virtual-mmu operations are not preemptible
CVE-2014-7154 / XSA-104: Race condition in HVMOP_track_dirty_vram
CVE-2014-7155 / XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
CVE-2014-7156 / XSA-106: Missing privilege level checks in x86 emulation of software interrupts
CVE-2014-6268 / XSA-107: Mishandling of uninitialised FIFO-based event channel control blocks
CVE-2014-7188 / XSA-108: Improper MSR range used for x2APIC emulation
CVE-2014-8594 / XSA-109: Insufficient restrictions on certain MMU update hypercalls
CVE-2014-8595 / XSA-110: Missing privilege level checks in x86 emulation of far branches
CVE-2014-8866 / XSA-111: Excessive checking in compatibility mode hypercall argument translation
CVE-2014-8867 / XSA-112: Insufficient bounding of “REP MOVS” to MMIO emulated inside the hypervisor
CVE-2014-9030 / XSA-113: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
CVE-2014-9065, CVE-2014-9066 / XSA-114: p2m lock starvation
CVE-2015-0361 / XSA-116: xen crash due to use after free on hvm guest teardown
CVE-2015-1563 / XSA-118: arm: vgic: incorrect rate limiting of guest triggered logging
CVE-2015-2152 / XSA-119: HVM qemu unexpectedly enabling emulated VGA graphics backends
CVE-2015-2044 / XSA-121: Information leak via internal x86 system device emulation
CVE-2015-2045 / XSA-122: Information leak through version information hypercall
CVE-2015-2151 / XSA-123: Hypervisor memory corruption due to x86 emulator flaw
Additionally, a bug in the fix for CVE-2014-3969 / CVE-2015-2290 / XSA-98 (which was assigned CVE-2015-2290) has been addressed.
Sadly, the workaround for CVE-2013-3495 / XSA-59 (Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts) still can’t be guaranteed to cover all affected chipsets; Intel is still working on providing us with a complete list.
Apart from those, there are many further bug fixes and improvements.
We recommend that all users of the 4.4 stable series update to this first point release.