The Xen hypervisor and tool-suite have been updated to fix security issues and bugs:
* CVE-2013-4494: XSA-73: A lock order reversal between page allocation and grant table locks could lead to host crashes or even host code execution. * CVE-2013-4553: XSA-74: A lock order reversal between page_alloc_lock and mm_rwlock could lead to deadlocks. * CVE-2013-4554: XSA-76: Hypercalls exposed to privilege rings 1 and 2 of HVM guests which might lead to Hypervisor escalation under specific circumstances. * CVE-2013-6375: XSA-78: Insufficient TLB flushing in VT-d (iommu) code could lead to access of memory that was revoked. * CVE-2013-4551: XSA-75: A host crash due to guest VMX instruction execution was fixed.
Non-security bugs have also been fixed:
* bnc#840997: It is possible to start a VM twice on the same node. * bnc#842417: In HP's UEFI x86_64 platform and SLES 11-SP3, dom0 will could lock-up on multiple blades nPar. * bnc#848014: Xen Hypervisor panics on 8-blades nPar with 46-bit memory addressing. * bnc#846849: Soft lock-up with PCI pass-through and many VCPUs. * bnc#833483: Boot Failure with Xen kernel in UEFI mode with error 'No memory for trampoline'. * Increase the maximum supported CPUs in the Hypervisor to 512.