6cf2249c03
The user-space xenstore device is currently lacking a check to make sure that the caller is only using transaction ids currently assigned to it. This allows users of the xenstore device to hijack transactions not started by them, although the scope is limited to transactions started by the same domain. Tested by: Nathan Friess <nathan.friess@gmail.com> Sponsored by: Citrix Systems R&D