- Prior to this update, trying to unplug virtual CPUs (vCPU) could result in kernel call traces in the guest. As a consequence, guests could terminate unexpectedly when rebooting. This update modifies the underlying code for the userspace tools to stop vCPUs from using the "xm" and "virsh" commands when offline.
- Prior to this update, the xenconsole daemon (xconsoled) was not protected against clock skew (TSkew). This update modifies the underlying code and replaces a redundant executable with the "clock_gettime" command.
- Prior to this update, editing or appending entries in the grub2 menu could cause the pygrub boot loader to terminate or become unresponsive when using the "a" and "e" command line arguments. This update modifies the underlying code to handle the "a" and "e" arguments as expected.
- Prior to this update, the xentop tool could terminate with a segmentation fault when a bridge name contained only capital letters. This update modifies the underlying code to handle network device names that contain only capital letters as expected.
- Prior to this update, the "xen-network-common.sh" script contained a misprint. This update modifies the script and the misprint is now removed.
- Prior to this update, the xenconsole daemon could terminate with a segmentation fault when timestamps were enabled and guests were too verbose. This update modifies the timestamp log to allow for verbose guests.
- Prior to this update, the domU domain did not correctly use the iSCSI disk and the iSCSI disk was not assigned as expected to a guest. This update modifies the underlying code to handle format guessing for names that contain colons.
- Prior to this update, the unregister_iomem() function could cause the removal of iomem ranges, when qemu-dm unpluging emulated NICs. This update modifies the qemu-dm code and unregister_iomem() works now as expected.
- A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest (a DomU) could use this flaw to create a crafted kernel image that, when attempting to boot it, could result in an out-of-memory condition in the privileged domain (the Dom0).
- A heap overflow flaw was found in the way QEMU emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash QEMU or, possibly, escalate their privileges on the host.
- Adding support for jumbo frames introduced incorrect network device expansion when a bridge is created. The expansion worked correctly with the default configuration, but could have caused network setup failures when a user-defined network script was used. This update changes the expansion so network setup will not fail, even when a user-defined network script is used.
- A bug was found in xenconsoled, the Xen hypervisor console daemon. If timestamp logging for this daemon was enabled (using both the XENCONSOLED_TIMESTAMP_HYPERVISOR_LOG and XENCONSOLED_TIMESTAMP_GUEST_LOG options in "/etc/sysconfig/xend"), xenconsoled could crash if the guest emitted a lot of information to its serial console in a short period of time. Eventually, the guest would freeze after the console buffer was filled due to the crashed xenconsoled. Timestamp logging is disabled by default.
- A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu process on the host or, possibly, escalate their privileges on the host.