4.198. xen

Updated xen packages that fix various bugs and add two enhancements are now available for Red Hat Enterprise Linux 5.
The xen packages provide administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

Bug Fixes

BZ#716924
Prior to this update, trying to unplug virtual CPUs (vCPU) could result in kernel call traces in the guest. As a consequence, guests could terminate unexpectedly when rebooting. This update modifies the underlying code for the userspace tools to stop vCPUs from using the "xm" and "virsh" commands when offline.
BZ#753796
Prior to this update, the xenconsole daemon (xconsoled) was not protected against clock skew (TSkew). This update modifies the underlying code and replaces a redundant executable with the "clock_gettime" command.
BZ#766483
Prior to this update, editing or appending entries in the grub2 menu could cause the pygrub boot loader to terminate or become unresponsive when using the "a" and "e" command line arguments. This update modifies the underlying code to handle the "a" and "e" arguments as expected.
BZ#771617
Prior to this update, the xentop tool could terminate with a segmentation fault when a bridge name contained only capital letters. This update modifies the underlying code to handle network device names that contain only capital letters as expected.
BZ#772639
Prior to this update, the "xen-network-common.sh" script contained a misprint. This update modifies the script and the misprint is now removed.
BZ#796598
Prior to this update, the xenconsole daemon could terminate with a segmentation fault when timestamps were enabled and guests were too verbose. This update modifies the timestamp log to allow for verbose guests.
BZ#803181
Prior to this update, the domU domain did not correctly use the iSCSI disk and the iSCSI disk was not assigned as expected to a guest. This update modifies the underlying code to handle format guessing for names that contain colons.
BZ#861349
Prior to this update, the unregister_iomem() function could cause the removal of iomem ranges, when qemu-dm unpluging emulated NICs. This update modifies the qemu-dm code and unregister_iomem() works now as expected.

Enhancements

BZ#769613
This update adds the "-p" and "--paused" options to the "xm restore" command so that guests can be paused when debugging issues with gdbsx without pausing vCPUs.
BZ#831122
This update adds customisable Xen live migration parameters and rollback capability to the xen package.
Users of xen are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

Security Fix

CVE-2012-2625
A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest (a DomU) could use this flaw to create a crafted kernel image that, when attempting to boot it, could result in an out-of-memory condition in the privileged domain (the Dom0).
Red Hat would like to thank Xinli Niu for reporting this issue.
All users of xen are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the xend service must be restarted for this update to take effect.
Updated xen packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link(s) associated with each description below.
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

Security Fix

CVE-2012-0029
A heap overflow flaw was found in the way QEMU emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash QEMU or, possibly, escalate their privileges on the host.
Red Hat would like to thank Nicolae Mogoreanu for reporting this issue.

Bug Fixes

BZ#797191
Adding support for jumbo frames introduced incorrect network device expansion when a bridge is created. The expansion worked correctly with the default configuration, but could have caused network setup failures when a user-defined network script was used. This update changes the expansion so network setup will not fail, even when a user-defined network script is used.
BZ#797836
A bug was found in xenconsoled, the Xen hypervisor console daemon. If timestamp logging for this daemon was enabled (using both the XENCONSOLED_TIMESTAMP_HYPERVISOR_LOG and XENCONSOLED_TIMESTAMP_GUEST_LOG options in "/etc/sysconfig/xend"), xenconsoled could crash if the guest emitted a lot of information to its serial console in a short period of time. Eventually, the guest would freeze after the console buffer was filled due to the crashed xenconsoled. Timestamp logging is disabled by default.
All xen users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link(s) associated with each description below.
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

Security Fix

CVE-2012-3515
A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu process on the host or, possibly, escalate their privileges on the host.
This flaw did not affect the default use of the Xen hypervisor implementation in Red Hat Enterprise Linux 5. This problem only affected fully-virtualized guests that have a serial or parallel device that uses a virtual console (vc) back-end. By default, the virtual console back-end is not used for such devices; only guests explicitly configured to use them in this way were affected.
Red Hat would like to thank the Xen project for reporting this issue.
All users of xen are advised to upgrade to these updated packages, which correct this issue. After installing the updated packages, all fully-virtualized guests must be restarted for this update to take effect.