From $URL :
A flaw was found in the way xen_failsafe_callback() handled failed iret,
which causes the stack pointer to be wrong when entering the
iret_exc error path. An unprivileged local guest user in the 32-bit PV
Xen domain could use this flaw to crash the guest.
There are no longer any 2.x kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.