The pv bootloader doesn't check the size of a bzip2 or lzma compressed kernel image. Denial of service can be caused by padding a large file at the end of the kernel image, which can be used by a malicious domU root to cause OOM conditions on the host.
Red Hat would like to thank Xinli Niu for reporting this issue.
This has been assigned CVE-2012-2625 by MITRE.
This is public, http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1817.
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2012:1130 https://rhn.redhat.com/errata/RHSA-2012-1130.html