libvchan (a library for inter-domain communication) does not correctly handle unusual or malicious contents in the xenstore ring. A malicious guest can exploit this to cause a libvchan-using facility to read or write past the end of the ring. libvchan-using facilities are vulnerable to denial of service and perhaps privilege escalation.

External reference: http://seclists.org/oss-sec/2014/q1/264

Acknowledgements: Red Hat would like to thank the Xen project for reporting this issue.
Statement: Not vulnerable. This issue does not affect the versions of the xen package as shipped with Red Hat Enterprise Linux 5 as it does not provide oxenstored. This issue does not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1062335]
This was assigned CVE-2014-1896: http://seclists.org/oss-sec/2014/q1/283
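The description above concerns ring contents that a peer domain controls being trusted when computing how much to copy. The following C code is an added example, not libvchan's code and not part of this bug report: it reads from a simplified shared ring and rejects index values that would otherwise drive a copy past the end of the buffer. The `shared_ring` layout, `RING_SIZE`, and both function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define RING_SIZE 16u  /* power of two; constructed size for the example */

/* Hypothetical shared ring: the peer domain can write prod/cons at any time. */
struct shared_ring {
    volatile uint32_t prod;   /* free-running producer index (peer-controlled) */
    volatile uint32_t cons;   /* free-running consumer index */
    uint8_t data[RING_SIZE];
};

/* Bytes ready to read, or -1 if the indexes describe an impossible state. */
static int ring_data_ready(uint32_t prod, uint32_t cons)
{
    uint32_t ready = prod - cons;          /* unsigned wrap-around is intended */
    return ready > RING_SIZE ? -1 : (int)ready;
}

/* Copy up to len bytes out of the ring; returns bytes read or -1 on bad state. */
int ring_read_checked(struct shared_ring *r, uint8_t *dst, size_t len)
{
    uint32_t prod = r->prod;               /* snapshot once: validate and use */
    uint32_t cons = r->cons;               /* the same values (no double fetch) */
    int ready = ring_data_ready(prod, cons);
    if (ready < 0)
        return -1;                         /* refuse instead of trusting the peer */
    if (len > (size_t)ready)
        len = (size_t)ready;

    size_t off = cons & (RING_SIZE - 1);   /* masked offset is always < RING_SIZE */
    size_t first = RING_SIZE - off;        /* bytes before the buffer wraps */
    if (first > len)
        first = len;
    memcpy(dst, r->data + off, first);
    memcpy(dst + first, r->data, len - first);   /* wrapped remainder */
    r->cons = cons + (uint32_t)len;
    return (int)len;
}
```

Without the `ready > RING_SIZE` check, a producer index far ahead of (or behind) the consumer index makes the second `memcpy` length exceed the buffer, which is the out-of-bounds read the description refers to.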