Vladymyr Denysov

**Name of the Vulnerable Software and Affected Versions** Xen version 3.1.2 Linux kernel version 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 **Description** The issue allows guest OS users to cause a denial of service, resulting in a host OS panic. This occurs when there is an attempted access to a virtual CD-ROM device through the blkback driver, involving the `vbd create` function. **Recommendations** For Xen version 3.1.2, consider restricting access to the virtual CD-ROM device to prevent the denial of service. For Linux kernel version 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, avoid using the blkback driver until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.