The kernel is vulnerable to information disclosure. a flaw in the hypervisor for hosts running on Itanium architectures allowed an Intel VTi domain to read arbitrary physical memory from other Intel VTi domains, which could make information available to unauthorized users.
lists.xensource.com/archives/html/xen-announce/2007-11/msg00000.html
lists.xensource.com/archives/html/xen-ia64-devel/2007-10/msg00189.html
osvdb.org/41341
secunia.com/advisories/27915
secunia.com/advisories/29236
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2008-0154.html
www.securityfocus.com/bid/26716
access.redhat.com/errata/RHSA-2008:0154
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9471