43 matches found
QEMU Unmediated PCI Register Access Vulnerability
QEMU is an open source emulator software. QEMU fails to properly restrict write access to the PCI configuration space of certain PCI passthrough devices, which can allow local x86 HVM clients to gain elevated privileges, cause denial of service, access sensitive information, and more...
DEBIAN-CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service host crash, obtain sensitive information, or possibly have other unspecified impact via unknown vectors...
Design/Logic Flaw
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...