Ubuntu Security Notice 527-1 - Joris van Rantwijk discovered that the Xen host did not correctly validate the contents of a Xen guests's grug.conf file. Xen guest root users could exploit this to run arbitrary commands on the host when the guest system was rebooted.
b20366bfd1d1fb2c8d548ccbaca36149c280a32d2dedb03ec5ce0141a24f9566