This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

The current version of virtio-console doesn't handle hot-unplug properly: it
leads to accessing memory outside the driver's memory area and can cause guest
kernel panics.

There are a few ways to trigger this, one of them:

1. Open a virtio-console port in the guest (eg /dev/vport0p1)
2. Block the port on read (eg cat /dev/vport0p1 with host chardev connected)
3. Hot-unplug the port (using the device_del command for the qemu monitor)
4. Close the port in the guest

Patches are queued for inclusion upstream.

Note that by default only root is allowed to open a virtio-console port, so
this can't be triggered by an unprivileged user in the default setup.

in kernel-2.6.18-227.el5
You can download this test kernel (or newer) from http://people.redhat.com/jwilson/el5

Detailed testing feedback is always welcomed.

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0017.html