Wind River Support Network


LIN7-3464 : Security Advisory - qemu - CVE-2015-2756

Created: Apr 16, 2015    Updated: Sep 8, 2018
Resolved Date: Apr 29, 2015
Previous ID: LIN4-32505
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace


QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

Other Downloads


Live chat