The remote Debian host is missing a security-related update.
Several vulnerabilities were discovered in the Xen virtual machine hypervisor. - CVE-2011-1166 A 64-bit guest can get one of its vCPUs into non-kernel mode without first providing a valid non-kernel pagetable, thereby locking up the host system. - CVE-2011-1583, CVE-2011-3262 Local users can cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image. - CVE-2011-1898 When using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, guest OS users can gain host OS privileges by writing to the interrupt injection registers. The oldstable distribution (lenny) contains a different version of Xen not affected by these problems.
Upgrade the xen packages. For the stable distribution (squeeze), this problem has been fixed in version 4.0.1-4.