xen/arm is vulnerable to denial of service. No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured.
lists.fedoraproject.org/archives/list/[email protected]/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID/
lists.fedoraproject.org/archives/list/[email protected]/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/
lists.fedoraproject.org/archives/list/[email protected]/message/LPRVHW4J4ZCPPOHZEWP5MOJT7XDGFFPJ/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.13/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
security.gentoo.org/glsa/202208-23
www.debian.org/security/2021/dsa-4977
xenbits.xenproject.org/xsa/advisory-383.txt