QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
| Link | Tags |
|---|---|
| http://www.securityfocus.com/bid/72577 | vdb entry |
| https://security.gentoo.org/glsa/201504-04 | vendor advisory |
| https://support.citrix.com/article/CTX206006 | |
| http://www.debian.org/security/2015/dsa-3259 | vendor advisory |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155198.html | vendor advisory |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154574.html | vendor advisory |
| http://support.citrix.com/article/CTX201145 | |
| http://lists.nongnu.org/archive/html/qemu-devel/2015-03/msg06179.html | mailing list |
| http://xenbits.xen.org/xsa/advisory-126.html | vendor advisory |
| http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html | vendor advisory |
| http://www.ubuntu.com/usn/USN-2608-1 | vendor advisory |
| http://www.securitytracker.com/id/1031998 | vdb entry |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154579.html | vendor advisory |