

Xen 4.1.3 and 4.0.4 released

Xen.org is pleased to announce the release of Xen 4.0.4 and 4.1.3. These are available immediately from the download pages.

We recommend that all users of the Xen 4.1 and 4.0 stable series update to these latest point releases. The releases contain the following fixes and improvements.

Critical vulnerabilities:

  • CVE-2012-0217 / XSA-7: PV guest privilege escalation vulnerability
  • CVE-2012-0218 / XSA-8: guest denial of service on syscall/sysenter exception generation
  • CVE-2012-2934 / XSA-9: PV guest host Denial of Service
  • CVE-2012-3432 / XSA-10: HVM guest user mode MMIO emulation DoS vulnerability
  • CVE-2012-3433 / XSA-11: HVM guest destroy p2m teardown host DoS vulnerability

You can find more detailed descriptions of these vulnerabilities on the Security Announcement page.

Bug fixes:

The releases contain over 100 bug fixes and smaller improvements since Xen 4.1.2 and 4.0.3. The most significant fixes are:

  • Updates for the latest Intel/AMD CPU revisions
  • Bug fixes and improvements to the libxl tool stack
  • Bug fixes for IOMMU handling (device passthrough to HVM guests)
  • Bug fixes for host kexec/kdump

Thank you to the many contributors to the project. Should you discover any bugs, please consult the Bug Reporting Guidelines. Also note that Xen 4.2 release candidates are available for testing and that we will run the first Xen Test Day next Tuesday. For more information see here.



Posted in Xen Hypervisor.



One Response


Continuing the Discussion

  1. Xen hypervisor update: 4.1.3 and 4.0.4 | AllUNIX.ru - All-Russian portal on UNIX systems linked to this post on August 10, 2012

    [...] Corrective releases of the free Xen hypervisor, 4.1.3 and 4.0.4, are available; they add no new features, but bug-fix work has been done and 5 vulnerabilities have been fixed. Four vulnerabilities allow a denial of service of the host system to be triggered by performing operations inside a guest system. One vulnerability allows a guest system user to have code executed on the side of the controlling host system. [...]
