The hypercall VCPUOP_register_vcpu_info is used by a guest to register a shared region with the hypervisor. The region will be mapped into Xen address space so it can be directly accessed. On Arm, the region is accessed with instructions which require a specific alignment. Unfortunately, there is no check that the address provided by the guest will be correctly aligned. As a result, a malicious guest could cause a hypervisor crash by passing a misaligned address.
Acknowledgments: Name: the Xen project
Statement: Only ARM systems are vulnerable, x86 systems are not affected by this flaw.
External References: https://xenbits.xen.org/xsa/advisory-327.html
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1854458]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-15564