The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in XENMEM_acquire_resource exits without releasing an RCU reference, which is conceptually similar to forgetting to unlock a spinlock.
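The bug class described above, as an added illustration that is not Xen's code or part of the original report: a toy read-side reference counter, with an error path that returns without releasing it next to the corrected shape. All function names, the domain table and the frame limits are hypothetical and constructed for this example.

```c
#include <errno.h>
#include <stdio.h>

/* Toy read-side nesting depth; non-zero after a call returns means a leaked
 * reference. All names here are hypothetical, not Xen's. */
static int rcu_depth;
static void toy_rcu_read_lock(void)   { rcu_depth++; }
static void toy_rcu_read_unlock(void) { rcu_depth--; }

struct toy_domain { int id; int max_frames; };
static struct toy_domain domains[] = { { 1, 4 }, { 2, 8 } };  /* constructed */

/* On success, returns with the reference held; the caller must unlock. */
static struct toy_domain *toy_get_domain(int id)
{
    toy_rcu_read_lock();
    for (size_t i = 0; i < sizeof(domains) / sizeof(domains[0]); i++)
        if (domains[i].id == id)
            return &domains[i];
    toy_rcu_read_unlock();
    return NULL;
}

/* Buggy shape: the validation failure returns directly, skipping the unlock. */
int acquire_resource_buggy(int id, int nr_frames)
{
    struct toy_domain *d = toy_get_domain(id);
    if (!d) return -ESRCH;
    if (nr_frames > d->max_frames)
        return -EINVAL;          /* leak: reference is still held */
    toy_rcu_read_unlock();
    return 0;
}

/* Fixed shape: every exit after a successful lookup passes one unlock. */
int acquire_resource_fixed(int id, int nr_frames)
{
    struct toy_domain *d = toy_get_domain(id);
    if (!d) return -ESRCH;
    int rc = (nr_frames > d->max_frames) ? -EINVAL : 0;
    toy_rcu_read_unlock();
    return rc;
}

int main(void)
{
    acquire_resource_buggy(1, 99);
    printf("depth after buggy error path: %d\n", rcu_depth);
    return 0;
}
```

A balance check of this kind (depth must be zero when the call returns) is the sort of assertion that catches the leak in review or testing.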
Acknowledgments: Name: the Xen project
Statement: This issue can generally only be exploited by x86 HVM guests, as these are the only type of VM which have a QEMU stubdomain. x86 PV and PVH domains, as well as ARM guests, typically don't use a stubdomain. Additionally, VMs using PV stubdomains or with emulators running in dom0 cannot exploit the vulnerability. Xen 4.14 and later versions are vulnerable to this flaw. Red Hat Enterprise Linux 5 is not affected, as it shipped an older version of Xen which did not include the buggy code path.
Mitigation: Reconfiguring x86 HVM guests to use a PV stubdomain or no stubdomain will mitigate the vulnerability.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1881616]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-25598
External References: https://xenbits.xen.org/xsa/advisory-334.html