Wind River Support Network

HomeDefectsLIN7-3464
Fixed

LIN7-3464 : Security Advisory - qemu - CVE-2015-2756

Created: Apr 16, 2015    Updated: Sep 8, 2018
Resolved Date: Apr 29, 2015
Previous ID: LIN4-32505
Found In Version: 7.0.0.3
Fix Version: 7.0.0.6
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756

Other Downloads


CVEs


Live chat
Online