The locks page_alloc_lock and mm_rwlock are not always taken in the same order. This raises the possibility of deadlock.
The incorrect order occurs only in the implementation of the deprecated domctl hypercall XEN_DOMCTL_getmemlist.
A malicious guest administrator may be able to deny service to the entire host.
Red Hat would like to thank the Xen project for reporting this issue.
This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.
This issue did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 as we did not have support for Xen hypervisor.
This issue is public now:
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1034925]