When running on an ARM platform Xen was not correctly configuring the hardware virtualisation platform and therefore did not prevent guests from accessing various hardware features including cache control, coprocessors, debug registers and various processor specific registers.
By accessing these hardware facilities a malicious or buggy guest may be able to cause various issues, including crashing the host, crashing other guests (including control domains) and data corruption. Privilege escalation is not thought to be possible but has not been ruled out.
Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable.