The locks page_alloc_lock and mm_rwlock are not always taken in the same order. This raises the possibility of deadlock. The incorrect order occurs only in the implementation of the deprecated domctl hypercall XEN_DOMCTL_getmemlist. A malicious guest administrator may be able to deny service to the entire host. Acknowledgements: Red Hat would like to thank the Xen project for reporting this issue.
Statement: Not vulnerable. This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5. This issue did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 as we did not have support for Xen hypervisor.
This issue is public now: http://www.openwall.com/lists/oss-security/2013/11/26/8
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1034925]