[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-stable] [Qemu-devel] [PATCH][XSA-126] xen: limit guest control
From: |
Peter Maydell |
Subject: |
Re: [Qemu-stable] [Qemu-devel] [PATCH][XSA-126] xen: limit guest control of PCI command register |
Date: |
Fri, 10 Apr 2015 12:49:13 +0100 |
On 10 April 2015 at 12:45, Peter Maydell <address@hidden> wrote:
> On 9 April 2015 at 19:10, Peter Maydell <address@hidden> wrote:
>> On 31 March 2015 at 15:18, Stefano Stabellini
>> <address@hidden> wrote:
>>> From: Jan Beulich <address@hidden>
>>>
>>> Otherwise the guest can abuse that control to cause e.g. PCIe
>>> Unsupported Request responses (by disabling memory and/or I/O decoding
>>> and subsequently causing [CPU side] accesses to the respective address
>>> ranges), which (depending on system configuration) may be fatal to the
>>> host.
>>>
>>> This is CVE-2015-2756 / XSA-126.
>>>
>>> Signed-off-by: Jan Beulich <address@hidden>
>>> Reviewed-by: Stefano Stabellini <address@hidden>
>>> Acked-by: Ian Campbell <address@hidden>
>>
>> Oops, this one got lost. I'm going to commit it to qemu master tomorrow
>> (so it will go in -rc3), unless there are objections (I can't
>> really tell from the thread what the conclusion of the discussion
>> was).
>
> Committed.
I forgot to add the CC:stable to the commit message even after
mentioning it on IRC, though :-( Sorry about that.
-- PMM
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [Qemu-stable] [Qemu-devel] [PATCH][XSA-126] xen: limit guest control of PCI command register,
Peter Maydell <=