[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/2] xen-pciback: limit guest control of command register



On 11/03/15 13:51, Jan Beulich wrote:
> Otherwise the guest can abuse that control to cause e.g. PCIe
> Unsupported Request responses (by disabling memory and/or I/O decoding
> and subsequently causing [CPU side] accesses to the respective address
> ranges), which (depending on system configuration) may be fatal to the
> host.
> 
> Note that to alter any of the bits collected together as
> PCI_COMMAND_GUEST permissive mode is now required to be enabled
> globally or on the specific device.
> 
> This is CVE-2015-2150 / XSA-120.

Applied to stable/for-linus-4.0 and tagged for stable, thanks.

David

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.