The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
A vulnerability was reported in Xen. A local user can cause denial of service conditions on the host system. The libxl device-handling code does not properly validate guest user-supplied data from the backend directories in xenstore. A local user with access to the backend domain (e.g., driver domain) can supply specially crafted data to cause certain libxl functions to fail, resulting in denial of service conditions on the host system management tools.

Systems using driver domains that are not fully trusted by the host system are affected. Xen systems using libxl-based toolstacks (e.g., xl, libvirt with the libxl driver) are affected.
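
To check whether a host is in the affected configuration described above (device backends served by a domain other than dom0), the following added example parses a xenstore listing; it is not part of the original advisory or of Xen's code. It assumes input in the full-path form printed by `xenstore-ls -f`; the sample listing, the function name and the `trusted` parameter are constructed for illustration.

```python
import re
import sys
from collections import defaultdict

# Constructed sample in the form printed by `xenstore-ls -f` (not from a real host).
SAMPLE = """\
/local/domain/0/backend/vbd/3/51712/state = "4"
/local/domain/0/backend/vbd/3/51712/frontend = "/local/domain/3/device/vbd/51712"
/local/domain/2/backend/vif/3/0/state = "4"
/local/domain/2/backend/vif/3/0/frontend = "/local/domain/3/device/vif/0"
/local/domain/2/backend/vif/5/0/state = "4"
/local/domain/3/device/vif/0/backend = "/local/domain/2/backend/vif/3/0"
"""

# Backend directories: /local/domain/<backend-domid>/backend/<type>/<frontend-domid>/<devid>
BACKEND = re.compile(r"^/local/domain/(\d+)/backend/([^/\s]+)/(\d+)/([^/\s]+)")


def backends_outside_trusted(listing, trusted=(0,)):
    """Map each untrusted backend domid to the devices it serves.

    `trusted` (hypothetical parameter) lists domids the host fully trusts;
    by default only dom0. Returns {domid: [(type, frontend_domid, devid), ...]}.
    """
    found = defaultdict(set)
    for line in listing.splitlines():
        m = BACKEND.match(line.strip())
        if not m:
            continue  # frontend entries and unrelated keys
        backend_dom, kind, frontend_dom, devid = m.groups()
        if int(backend_dom) not in trusted:
            found[int(backend_dom)].add((kind, int(frontend_dom), devid))
    return {dom: sorted(devs) for dom, devs in found.items()}


if __name__ == "__main__":
    # Pipe real output in (xenstore-ls -f /local/domain | python3 this.py),
    # or run with no pipe to see the constructed sample.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for dom, devs in sorted(backends_outside_trusted(text).items()):
        for kind, frontend_dom, devid in devs:
            print(f"domain {dom} serves {kind} device {devid} to domain {frontend_dom}")
```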