Wind River Support Network

HomeDefectsLIN6-9760
Fixed

LIN6-9760 : Security Advisory - qemu - CVE-2015-2756

Created: Apr 16, 2015    Updated: Dec 3, 2018
Resolved Date: Apr 29, 2015
Previous ID: LIN4-32504
Found In Version: 6.0.0.18
Fix Version: 6.0.0.20
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756

Other Downloads


Live chat
Online