|Category:||Access Control Error|
CVE-2014-9718, CVE-2015-1779, CVE-2015-2044, CVE-2015-2045, CVE-2015-2151, CVE-2015-2751, CVE-2015-2752, CVE-2015-3456, CVE-2015-5165, CVE-2015-5307, CVE-2015-7969, CVE-2015-7970, CVE-2015-7971, CVE-2015-7972, CVE-2015-8104, CVE-2015-8339, CVE-2015-8340, CVE-2015-8550, CVE-2015-8554, CVE-2015-8555, CVE-2015-8615, CVE-2016-1570, CVE-2016-1571, CVE-2016-2270, CVE-2016-2271
Published on 01/04/15 - Updated on 15/11/17
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
CWE-264 (Permissions, Privileges, and Access Control)
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
|SUSE-SU-2015:0701, SUSE-SU-2015:0745, SUSE-SU-2015:0746, SUSE-SU-2015:0747|
No exploits available for this CVE in our database.