Some MMU virtualization operations on HVM guests must process every
page assigned to a guest. For larger guests, this can tie up a vcpu
for a significant amount of time, as the operations are not
A malicious HVM guest with a large allocation of shadow/p2m RAM
can mount a denial of service attack affecting the whole system.
Red Hat would like to thank the Xen project for reporting this issue.
This issue does not affect the versions of the kernel-xen package as shipped
with Red Hat Enterprise Linux 5.