[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [ANNOUNCE] Xen 4.3.3 released


I am pleased to announce the release of Xen 4.3.3. This is
available immediately from its git repository
(tag RELEASE-4.3.3) or from the XenProject download page

This fixes the following critical vulnerabilities:
 * CVE-2014-2599 / XSA-89
    HVMOP_set_mem_access is not preemptible
 * CVE-2014-3124 / XSA-92
    HVMOP_set_mem_type allows invalid P2M entries to be created
 * CVE-2014-3967,CVE-2014-3968 / XSA-96
    Vulnerabilities in HVM MSI injection
 * CVE-2014-4021 / XSA-100
    Hypervisor heap contents leaked to guests

Additionally a workaround for CVE-2013-3495 / XSA-59 (Intel VT-d
Interrupt Remapping engines can be evaded by native NMI
interrupts) has been put in place. However, at this point we can't
guarantee that all affected chipsets are being covered; Intel is
working diligently on providing us with a complete list.

Apart from those there are many further bug fixes and improvements.

We recommend all users of the 4.3 stable series to update to this
latest point release.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.