SUSE-SU-2019:2962-1 -- SLES xen
ID: oval:org.secpod.oval:def:89003283 | Date: (C)2021-02-27 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues:
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.
- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate side-channel information leaks out of microarchitectural buffers, similar to the previously described "Microarchitectural Data Sampling" attack.
- CVE-2019-18424: An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation.
- CVE-2019-18421: A malicious PV guest administrator may have been able to escalate their privilege to that of the host.
- CVE-2019-18425: 32-bit PV guest user mode could elevate its privileges to that of the guest kernel.
- CVE-2019-18420: Malicious x86 PV guests may have caused a hypervisor crash, resulting in a Denial of Service.
Platform: |
SUSE Linux Enterprise Server 12 SP4 |