Xen Project Hypervisor 4.14


Megjelent a Xen Project Hypervisor 4.14-es kiadása.

Főbb újdonságok:

  • Linux Stubdomains that can run the newest device models, allowing users to take advantage of one of Xen’s unique security features while still having the latest emulated hardware.
  • Lightweight VM fork for fuzzing / introspection.  Allows very fast introspection “experimentation”, for analyzing malware or finding bugs on systems with Intel EPT support.
  • New livepatch features allow for a wider range of security fixes to be live patched while providing extra safety mechanisms to prevent users from applying patches in the wrong order.
  • Control-flow Enforcement Technology (CET) Shadow Stack support.  Control-flow Enforcement Technology (CET) is a set of features in hardware designed to combat Return-oriented Programming (ROP, also call/jump COP/¯JOP) attacks.  Xen 4.14 can use these hardware features, if available, to protect itself from ROP attacks.

Részletek a bejelentésben.