When dealing with the grant map space of add-to-physmap operations, ARM specific code recognizes a number of error conditions, but fails to release a lock being held on the respective exit paths. A malicious guest administrator can cause a denial of service. Specifically, prevent use of a physical CPU for an indefinite period of time. Upstream patch: http://seclists.org/oss-sec/2017/q3/att-341/xsa235.patch References: http://seclists.org/oss-sec/2017/q3/341
Only affects ARM architectures.
External References: https://xenbits.xen.org/xsa/advisory-235.html
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1503678]