The libxlu library function xlu_vif_parse_rate does not properly handle input that consists solely of the '@' character, leading to a NULL pointer dereference. A toolstack that lets untrusted users supply an arbitrary VIF rate configuration can therefore be subjected to a denial of service (DoS). The only known user of this library is the xl toolstack, which has no central long-running daemon, so the impact is limited to crashing the process that is creating the domain, a process that exists only to service that single domain. Acknowledgements: Red Hat would like to thank the Xen project for reporting this issue.
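As an added illustration (this is not libxlu's code and not the XSA-68 patch): a minimal C parser for an xl-style VIF rate string of the form <RATE>[@<INTERVAL>], for example 10Mb/s@50ms, split with strtok_r. The unit grammar, the 50ms default interval and the function names are assumptions made for the example; the original libxlu source is not on this page. The point is the delimiter-only input the advisory describes: strtok_r on "@" skips the delimiter, reaches the terminator and returns NULL, and a parser that hands that result straight to a number-parsing helper dereferences it. Here the helper rejects NULL and empty tokens and returns EINVAL instead.

```c
/* Added example, not libxlu's code: minimal parser for an xl-style VIF
 * rate string "<RATE>[@<INTERVAL>]" (e.g. "10Mb/s@50ms").  Unit grammar
 * and the 50ms default interval are assumptions made for this example. */
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct vif_rate {
    uint64_t bytes_per_sec;
    uint32_t interval_usecs;
};

/* strtok_r() skips leading delimiters, so a string made only of '@'
 * yields no token at all and the call returns NULL. */
int first_token_is_null(const char *s)
{
    char buf[64], *save = NULL;
    snprintf(buf, sizeof buf, "%s", s);
    return strtok_r(buf, "@", &save) == NULL;
}

/* Parse the digits of "<N><unit>"; rejects NULL, empty and signed input. */
static int parse_number(const char *tok, unsigned long long *n, char **unit)
{
    if (tok == NULL || !isdigit((unsigned char)tok[0]))
        return EINVAL;                    /* the NULL check the bug lacked */
    errno = 0;
    *n = strtoull(tok, unit, 10);
    return errno ? EINVAL : 0;
}

/* "<N>(B|KB|MB|GB)/s" in bytes, "<N>(b|Kb|Mb|Gb)/s" in bits. */
static int parse_bytes_per_sec(const char *tok, uint64_t *out)
{
    static const struct { const char *suffix; uint64_t mul; unsigned div; } u[] = {
        { "GB/s", 1000000000ULL, 1 }, { "MB/s", 1000000ULL, 1 },
        { "KB/s", 1000ULL, 1 },       { "B/s", 1ULL, 1 },
        { "Gb/s", 1000000000ULL, 8 }, { "Mb/s", 1000000ULL, 8 },
        { "Kb/s", 1000ULL, 8 },       { "b/s", 1ULL, 8 },
    };
    unsigned long long n;
    char *unit;
    if (parse_number(tok, &n, &unit))
        return EINVAL;
    for (size_t i = 0; i < sizeof u / sizeof u[0]; i++)
        if (strcmp(unit, u[i].suffix) == 0) {
            if (n > UINT64_MAX / u[i].mul)
                return EINVAL;            /* would overflow */
            *out = n * u[i].mul / u[i].div;
            return 0;
        }
    return EINVAL;
}

/* "<N>(s|ms|us)" in microseconds; must fit in 32 bits. */
static int parse_interval_usecs(const char *tok, uint32_t *out)
{
    unsigned long long n, usecs;
    char *unit;
    if (parse_number(tok, &n, &unit) || n > UINT32_MAX)
        return EINVAL;
    if (strcmp(unit, "s") == 0)       usecs = n * 1000000ULL;
    else if (strcmp(unit, "ms") == 0) usecs = n * 1000ULL;
    else if (strcmp(unit, "us") == 0) usecs = n;
    else                              return EINVAL;
    if (usecs > UINT32_MAX)
        return EINVAL;
    *out = (uint32_t)usecs;
    return 0;
}

/* Returns 0 on success, EINVAL on any malformed input, "@" included. */
int parse_vif_rate(const char *rate, struct vif_rate *out)
{
    char buf[64], *save = NULL, *tok;
    int rc;
    if (rate == NULL || strlen(rate) >= sizeof buf)
        return EINVAL;
    strcpy(buf, rate);

    tok = strtok_r(buf, "@", &save);       /* NULL for "", "@", "@@" ... */
    if ((rc = parse_bytes_per_sec(tok, &out->bytes_per_sec)) != 0)
        return rc;

    out->interval_usecs = 50000;           /* default 50ms (assumed) */
    tok = strtok_r(NULL, "@", &save);
    if (tok != NULL) {
        if ((rc = parse_interval_usecs(tok, &out->interval_usecs)) != 0)
            return rc;
        if (strtok_r(NULL, "@", &save) != NULL) /* reject "a@b@c" */
            return EINVAL;
    }
    return 0;
}

int main(void)
{
    const char *inputs[] = { "10Mb/s@50ms", "1GB/s", "@", "" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        struct vif_rate r;
        if (parse_vif_rate(inputs[i], &r))
            printf("%-12s -> rejected (EINVAL)\n", inputs[i]);
        else
            printf("%-12s -> %llu B/s every %u us\n", inputs[i],
                   (unsigned long long)r.bytes_per_sec, r.interval_usecs);
    }
    return 0;
}
```

Because strtok_r also swallows a leading '@', an input such as "@50ms" is parsed as a rate token and rejected only because "ms" is not a rate unit; a parser that needs to distinguish "missing rate" from "bad unit" should split on the first '@' with strchr instead of tokenising.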
Statement: Not vulnerable. This issue does not affect the versions of the xen package as shipped with Red Hat Enterprise Linux 5, which do not provide the libxl toolstack. This issue does not affect Red Hat Enterprise Linux 6 or Red Hat Enterprise MRG 2.
External References: http://xenbits.xen.org/xsa/advisory-68.html
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1017843]