From 3ca9ce371fb88c01c47dd72d1601334fd70a4dca Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 12 Aug 2019 23:04:17 +0200
Subject: Add proposed description for XSA-300

---
 dsa-texts/4.9.168-1+deb9u5 | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/dsa-texts/4.9.168-1+deb9u5 b/dsa-texts/4.9.168-1+deb9u5
index 8fcce2293..2b732aa9f 100644
--- a/dsa-texts/4.9.168-1+deb9u5
+++ b/dsa-texts/4.9.168-1+deb9u5
@@ -142,6 +142,13 @@ CVE-2019-14284
     user-visible IDs, which could make it easier to exploit other
     security vulnerabilities.
 
+XSA-300
+
+    Julien Grall reported that Linux does not limit the amount of memory
+    which a domain will attempt to baloon out, nor limits the amount of
+    "foreign / grant map" memory which any individual guest can consume,
+    leading to denial of service conditions (for host or guests).
+
 For the oldstable distribution (stretch), these problems have been fixed
 in version 4.9.168-1+deb9u5.
 
-- 
cgit v1.2.3