The locks page_alloc_lock and grant_table.lock are not always taken in the same order. This opens the possibility of deadlock. As a result, a malicious guest administrator can deny service to the entire host. References: http://seclists.org/oss-sec/2013/q4/204 Acknowledgements: Red Hat would like to thank the Xen project for reporting this issue.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1026248]
Statement: This issue did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.
xen-4.3.1-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
xen-4.2.3-7.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
xen-4.2.3-7.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0108 https://rhn.redhat.com/errata/RHSA-2014-0108.html