In netfront, xennet_alloc_one_rx_buffer() failed to call the appropriate clean-up function, resulting in a memory leak.
A malicious guest userspace process can exhaust memory resources within the guest kernel, potentially leading to a guest crash (Denial of Service). It is not known whether it can be triggered remotely.
Systems with guests running Linux 5.9 and later with Xen PV network devices are affected.