Wind River Support Network

HomeDefectsLIN5-20341
Fixed

LIN5-20341 : Security Advisory - qemu - CVE-2015-2756

Created: Apr 16, 2015    Updated: Jan 23, 2018
Resolved Date: Apr 29, 2015
Previous ID: LIN4-32503
Found In Version: 5.0.1.24
Fix Version: 5.0.1.26
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756

Other Downloads


Live chat
Online