Xen Project steal_page Race Condition Multiple Vulnerabilities (XSA-287)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities including denial of service, information disclosure, and privilege escalation due to a stealpage race condition. Only x86 systems are affected. Note that Nessus h...

x86: steal_page violates page_struct access discipline

ISSUE DESCRIPTION Xen's reference counting rules were designed to allow pages to change owner and state without requiring a global lock. Each page has a page structure, and a very specific set of access disciplines must be observed to ensure that pages are freed properly, and that no writable...