Daniel Berrangé

Name of the Vulnerable Software and Affected Versions: Xen version 3.0.3 Description: The issue is related to the xend in Xen, which does not properly limit the contents of the /local/domain xenstore directory tree and does not properly restrict a guest VM's write access within this tree. This allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to console/tty, console/limit, or image/device-model-pid. Recommendations: For Xen version 3.0.3, consider restricting write access to the xenstore directory tree to prevent guest OS users from causing a denial of service. As a temporary workaround, limit the guest VM's ability to write to console/tty, console/limit, and image/device-model-pid until a patch is available.