[Sent on behalf of Jan Beulich]
All,
I am pleased to announce the release of Xen 4.4.2. This is
available immediately from its git repository
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4 <http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4>
(tag RELEASE-4.4.2) or from the XenProject download page
http://www.xenproject.org/downloads/xen-archives/xen-44-series/xen-442.html <http://www.xenproject.org/downloads/xen-archives/xen-44-series/xen-442.html>
This fixes the following critical vulnerabilities:
* CVE-2014-5146, CVE-2014-5149 / XSA-97
Long latency virtual-mmu operations are not preemptible
* CVE-2014-7154 / XSA-104
Race condition in HVMOP_track_dirty_vram
* CVE-2014-7155 / XSA-105
Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
* CVE-2014-7156 / XSA-106
Missing privilege level checks in x86 emulation of software interrupts
* CVE-2014-6268 / XSA-107
Mishandling of uninitialised FIFO-based event channel control blocks
* CVE-2014-7188 / XSA-108
Improper MSR range used for x2APIC emulation
* CVE-2014-8594 / XSA-109
Insufficient restrictions on certain MMU update hypercalls
* CVE-2014-8595 / XSA-110
Missing privilege level checks in x86 emulation of far branches
* CVE-2014-8866 / XSA-111
Excessive checking in compatibility mode hypercall argument translation
* CVE-2014-8867 / XSA-112
Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
* CVE-2014-9030 / XSA-113
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
* CVE-2014-9065, CVE-2014-9066 / XSA-114
p2m lock starvation
* CVE-2015-0361 / XSA-116
xen crash due to use after free on hvm guest teardown
* CVE-2015-1563 / XSA-118
arm: vgic: incorrect rate limiting of guest triggered logging
* CVE-2015-2152 / XSA-119
HVM qemu unexpectedly enabling emulated VGA graphics backends
* CVE-2015-2044 / XSA-121
Information leak via internal x86 system device emulation
* CVE-2015-2045 / XSA-122
Information leak through version information hypercall
* CVE-2015-2151 / XSA-123
Hypervisor memory corruption due to x86 emulator flaw
Additionally a bug in the fix for CVE-2014-3969 / CVE-2015-2290 /
XSA-98 (which got assigned CVE-2015-2290) got addressed.
Sadly the workaround for CVE-2013-3495 / XSA-59 (Intel VT-d
Interrupt Remapping engines can be evaded by native NMI
interrupts) still can't be guaranteed to cover all affected chipsets;
Intel continues to be working on providing us with a complete list.
Apart from those there are many further bug fixes and improvements.
We recommend all users of the 4.4 stable series to update to this
first point release.
Regards,
Jan
All,
I am pleased to announce the release of Xen 4.4.2. This is
available immediately from its git repository
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4 <http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4>
(tag RELEASE-4.4.2) or from the XenProject download page
http://www.xenproject.org/downloads/xen-archives/xen-44-series/xen-442.html <http://www.xenproject.org/downloads/xen-archives/xen-44-series/xen-442.html>
This fixes the following critical vulnerabilities:
* CVE-2014-5146, CVE-2014-5149 / XSA-97
Long latency virtual-mmu operations are not preemptible
* CVE-2014-7154 / XSA-104
Race condition in HVMOP_track_dirty_vram
* CVE-2014-7155 / XSA-105
Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
* CVE-2014-7156 / XSA-106
Missing privilege level checks in x86 emulation of software interrupts
* CVE-2014-6268 / XSA-107
Mishandling of uninitialised FIFO-based event channel control blocks
* CVE-2014-7188 / XSA-108
Improper MSR range used for x2APIC emulation
* CVE-2014-8594 / XSA-109
Insufficient restrictions on certain MMU update hypercalls
* CVE-2014-8595 / XSA-110
Missing privilege level checks in x86 emulation of far branches
* CVE-2014-8866 / XSA-111
Excessive checking in compatibility mode hypercall argument translation
* CVE-2014-8867 / XSA-112
Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
* CVE-2014-9030 / XSA-113
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
* CVE-2014-9065, CVE-2014-9066 / XSA-114
p2m lock starvation
* CVE-2015-0361 / XSA-116
xen crash due to use after free on hvm guest teardown
* CVE-2015-1563 / XSA-118
arm: vgic: incorrect rate limiting of guest triggered logging
* CVE-2015-2152 / XSA-119
HVM qemu unexpectedly enabling emulated VGA graphics backends
* CVE-2015-2044 / XSA-121
Information leak via internal x86 system device emulation
* CVE-2015-2045 / XSA-122
Information leak through version information hypercall
* CVE-2015-2151 / XSA-123
Hypervisor memory corruption due to x86 emulator flaw
Additionally a bug in the fix for CVE-2014-3969 / CVE-2015-2290 /
XSA-98 (which got assigned CVE-2015-2290) got addressed.
Sadly the workaround for CVE-2013-3495 / XSA-59 (Intel VT-d
Interrupt Remapping engines can be evaded by native NMI
interrupts) still can't be guaranteed to cover all affected chipsets;
Intel continues to be working on providing us with a complete list.
Apart from those there are many further bug fixes and improvements.
We recommend all users of the 4.4 stable series to update to this
first point release.
Regards,
Jan