The Xen hypervisor and toolset has been updated to 4.2.2_06
to fix various bugs and security issues:
The following security issues have been addressed:
- CVE-2013-2194: Various integer overflows in the ELF
loader were fixed. (XSA-55)
- CVE-2013-2195: Various pointer dereferences issues in
the ELF loader were fixed. (XSA-55)
- CVE-2013-2196: Various other problems in the ELF
loader were fixed. (XSA-55)
- CVE-2013-2078: A Hypervisor crash due to missing
exception recovery on XSETBV was fixed. (XSA-54)
- CVE-2013-2077: A Hypervisor crash due to missing
exception recovery on XRSTOR was fixed. (XSA-53)
- CVE-2013-2211: libxl allowed guest write access to
sensitive console related xenstore keys. (XSA-57)
- CVE-2013-2076: An information leak on XSAVE/XRSTOR
capable AMD CPUs (XSA-52) was fixed, where parts of this
state could leak to other VMs.
Also the following bugs have been fixed:
- performance issues in mirror lvm (bnc#801663)
- aacraid driver panics mapping INT A when booting
kernel-xen (bnc#808085)
- Fully Virtualized Windows VM install failed on Ivy
Bridge platforms with Xen kernel (bnc#808269)
- Did not boot with i915 graphics controller with VT-d
enabled (bnc#817210)