xen is vulnerable to denial of service (DoS). The vulnerability exists in oxenstored, where a owner could give a node away, causing guest can run out of quota, or create an unbounded number of nodes owned by dom0, thus running xenstored out of memory.
lists.fedoraproject.org/archives/list/[email protected]/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/
lists.fedoraproject.org/archives/list/[email protected]/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/
secdb.alpinelinux.org/v3.12/main.yaml
security.gentoo.org/glsa/202107-30
www.debian.org/security/2020/dsa-4812
xenbits.xenproject.org/xsa/advisory-352.html