Xen Hypervisor 4.1.4 Download
Welcome to the Xen 4.1.4 download page! We recommend all users of the 4.0 and 4.1 stable series to update to Xen 4.1.4.
Xen 4.1.4 is a maintenance release in the 4.1 series and contains:
- Fixes for the following critical vulnerabilities: We recommend all users of the 4.0 and 4.1 stable series to update to Xen 4.1.4.
- CVE-2012-3494 / XSA-12: hypercall set_debugreg vulnerability
- CVE-2012-3495 / XSA-13: hypercall physdev_get_free_pirq vulnerability
- CVE-2012-3496 / XSA-14: XENMEM_populate_physmap DoS vulnerability
- CVE-2012-3498 / XSA-16: PHYSDEVOP_map_pirq index vulnerability
- CVE-2012-3515 / XSA-17: Qemu VT100 emulation vulnerability
- CVE-2012-4411 / XSA-19: guest administrator can access qemu monitor console
- CVE-2012-4535 / XSA-20: Timer overflow DoS vulnerability
- CVE-2012-4536 / XSA-21: pirq range check DoS vulnerability
- CVE-2012-4537 / XSA-22: Memory mapping failure DoS vulnerability
- CVE-2012-4538 / XSA-23: Unhooking empty PAE entries DoS vulnerability
- CVE-2012-4539 / XSA-24: Grant table hypercall infinite loop DoS vulnerability
- CVE-2012-4544,CVE-2012-2625 / XSA-25: Xen domain builder Out-of-memory due to malicious kernel/ramdisk
- CVE-2012-5510 / XSA-26: Grant table version switch list corruption vulnerability
- CVE-2012-5511 / XSA-27: several HVM operations do not validate the range of their inputs
- CVE-2012-5512 / XSA-28: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak
- CVE-2012-5513 / XSA-29: XENMEM_exchange may overwrite hypervisor memory
- CVE-2012-5514 / XSA-30: Broken error handling in guest_physmap_mark_populate_on_demand()
- CVE-2012-5515 / XSA-31: Several memory hypercall operations allow invalid extent order values
- Among many bug fixes and improvements (almost 100 since Xen 4.1.3). Highlights are:
- A fix for a long standing time management issue
- Bug fixes for S3 (suspend to RAM) handling
- Bug fixes for other low level system state handling
It also contains the following fixes from earlier maintenance releases:
- Security fixes including CVE-2011-1583, CVE-2011-1898, CVE-2012-0217 / XSA-7, CVE-2012-0218 / XSA-8,
CVE-2012-2934 / XSA-9, CVE-2012-3432 / XSA-10 and CVE-2012-3433 / XSA-11
- Enhancements to guest introspection (VM single stepping support for very fine-grained access control)
- Many bug fixes and improvements, such as:
- Updates for the latest Intel/AMD CPU revisions
- Bug fixes and improvements to the libxl tool stack
- Bug fixes for IOMMU handling (device passthrough to HVM guests)
- Bug fixes for host kexec/kdump
- PV-on-HVM stability fixes (fixing some IRQ issues)
- XSAVE cpu feature support for PV guests (allows safe use of latest multimedia instructions)
- RAS fixes for high availability
- fixes for offlining bad pages
- changes to libxc, mainly of benefit to libvirt
- New XL toolstack
- Debug support: kexec/kdump
- Remus (High Availability)
- Device passthrough to HVM guests
- Interrupt handling
- Support for Supervisor Mode Execution Protection (SMEP)
- Compatibility fixes for newer Linux guests, newer compilers, some old guest savefiles, newer Python, grub2, some hardware/BIOS bugs.
The Xen 4.1 release contains a number of important new features and updates including:
- A re-architected XL toolstack that is functionally nearly equivalent to XM/XEND
- Prototype credit2 scheduler designed for latency-sensitive workloads and very large systems
- CPU Pools for advanced partitioning
- Support for large systems (>255 processors and 1GB/2MB super page support)
- Support for x86 Advanced Vector eXtension (AVX)
- New Memory Access API enabling integration of 3rd party security solutions into Xen virtualized environments
- Even better stability through our new automated regression tests
- Xen 4.1 Release Notes
- Xen 4.1 Datasheet
 tarball |
Xen 4.1.4 (hypervisor and tools) official source distribution |
|
signature |
| 
