The emulation of far branch instructions (CALL, JMP, and RETF in Intel assembly syntax, LCALL, LJMP, and LRET in AT&T assembly syntax) incompletely performs privilege checks. Malicious HVM guest user mode code may be able to elevate its privileges to guest supervisor mode, or to crash the guest. Acknowledgements: Red Hat would like to thank the Xen for reporting this issue.
Statement: Not vulnerable. This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.
External References: http://xenbits.xen.org/xsa/advisory-110.html
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1165204]