In particular the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these when resetting all event channels or when cleaning up after the guest may take extended periods of time. So far there was no arrangement for preemption at suitable intervals, allowing a CPU to spend an almost unbounded amount of time in the processing of these operations.
Acknowledgments: Name: the Xen project
Statement: This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Mitigation: This issue can be avoided by reducing the number of event channels available to all guests to a suitably low limit. For example, setting "max_event_channels=256" in the xl domain configurations may be low enough for all hardware Xen is able to run on.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1881586]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-25601
External References: https://xenbits.xen.org/xsa/advisory-344.html