103 matches found
UBUNTU-CVE-2015-7549
The MSI-X MMIO support in hw/pci/msix.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by leveraging failure to define the .write method...
DEBIAN-CVE-2014-1666
The dophysdevop function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the 1 PHYSDEVOPpreparemsix and 2 PHYSDEVOPreleasemsix operations, which allows local PV guests to cause a denial of service host or guest malfunction or possibly gain privileges via...
PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests
ISSUE DESCRIPTION The PHYSDEVOPprepare,releasemsix operations are supposed to be available to privileged guests domain 0 in non-disaggregated setups only, but the necessary privilege check was missing. IMPACT Malicious or misbehaving unprivileged guests can cause the host or other guests to...