[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Xen 4.3.4 released

I am pleased to announce the release of Xen 4.3.4. This is
available immediately from its git repository
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.3 
(tag RELEASE-4.3.4) or from the XenProject download page
http://www.xenproject.org/downloads/xen-archives/xen-43-series/xen-434.html 

Note that this is expected to be the last release of the 4.3 stable
series. The tree will be switched to security only maintenance mode
after this release.

This fixes the following critical vulnerabilities:
 * CVE-2014-5146, CVE-2014-5149 / XSA-97
   Long latency virtual-mmu operations are not preemptible
 * CVE-2014-7154 / XSA-104
   Race condition in HVMOP_track_dirty_vram
 * CVE-2014-7155 / XSA-105
   Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
 * CVE-2014-7156 / XSA-106
   Missing privilege level checks in x86 emulation of software interrupts
 * CVE-2014-7188 / XSA-108
   Improper MSR range used for x2APIC emulation
 * CVE-2014-8594 / XSA-109
   Insufficient restrictions on certain MMU update hypercalls
 * CVE-2014-8595 / XSA-110
   Missing privilege level checks in x86 emulation of far branches
 * CVE-2014-8866 / XSA-111
   Excessive checking in compatibility mode hypercall argument translation
 * CVE-2014-8867 / XSA-112
   Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
 * CVE-2014-9030 / XSA-113
   Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
 * CVE-2014-9065, CVE-2014-9066 / XSA-114
   p2m lock starvation
 * CVE-2015-0361 / XSA-116
   xen crash due to use after free on hvm guest teardown
 * CVE-2015-2152 / XSA-119
   HVM qemu unexpectedly enabling emulated VGA graphics backends
 * CVE-2015-2044 / XSA-121
   Information leak via internal x86 system device emulation
 * CVE-2015-2045 / XSA-122
   Information leak through version information hypercall
 * CVE-2015-2151 / XSA-123
   Hypervisor memory corruption due to x86 emulator flaw

Sadly the workaround for CVE-2013-3495 / XSA-59 (Intel VT-d
Interrupt Remapping engines can be evaded by native NMI
interrupts) still can't be guaranteed to cover all affected chipsets;
Intel continues to be working on providing us with a complete list.

Apart from those there are many further bug fixes and improvements.

We recommend all users of the 4.3 stable series to update to this
latest point release.

Regards,
Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.