FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-tools -- populate-on-demand balloon size inaccuracy can crash guests

Affected packages
3.4 <= xen-tools < 4.5.1_2

Details

VuXML ID c0e76d33-8821-11e5-ab94-002590263bf5
Discovery 2015-10-29
Entry 2015-11-11

The Xen Project reports:

Guests configured with PoD might be unstable, especially under load. In an affected guest, an unprivileged guest user might be able to cause a guest crash, perhaps simply by applying load so as to cause heavy memory pressure within the guest.

References

CVE Name CVE-2015-7972
URL http://xenbits.xen.org/xsa/advisory-153.html