| Errata ID | 33 |
|---|---|
| Date | 2014-01-29 |
| Source package | xen-4.1 |
| Fixed in version | 4.1.3-14.39.201401192234 |
| Description | The update fixes the following security vulnerabilities: * Information leak on AVX and/or LWP capable CPUs (CVE-2013-1442) * Lock order reversal between page_alloc_lock and mm_rwlock (CVE-2013-4553) * Information leaks through I/O instruction emulation (CVE-2013-4355) * Information leak through fbld instruction emulation (CVE-2013-4361) * Lock order reversal between page allocation and grant table locks (CVE-2013-4494) It also fixes a race condition, where the first domain sometimes failed to start. |
| Additional notes | |
| CVE ID | CVE-2013-1442 CVE-2013-4553 CVE-2013-4355 CVE-2013-4361 CVE-2013-4494 |
| UCS Bug number | #20481 |
