A flaw was found in xen. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. A malicious or buggy guest administrator can lock up the entire host, causing a Denial of Service.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1616077]