The PHYSDEVOP_{prepare,release}_msix operations are supposed to be available to privileged guests (domain 0 in non-disaggregated setups) only, but the necessary privilege check was missing.
Malicious or misbehaving unprivileged guests can cause the host or other guests to malfunction. This can result in host-wide denial of service. Privilege escalation, while seeming to be unlikely, cannot be excluded.
Xen 4.1.5 and 4.1.6.1 as well as 4.2.2 and later are vulnerable. Xen 4.2.1 and 4.2.0 as well as 4.1.4 and earlier are not vulnerable.
Only PV guests can take advantage of this vulnerability.