Some MMU virtualization operations on HVM guests must process every page assigned to a guest. For larger guests, this can tie up a vcpu for a significant amount of time, as the operations are not preemptible. A malicious HVM guest with a large allocation of shadow/p2m RAM can mount a denial of service attack affecting the whole system. Acknowledgements: Red Hat would like to thank the Xen project for reporting this issue.
Statement: Not vulnerable. This issue does not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.