On 31 March 2015 at 15:18, Stefano Stabellini <stefano.stabell...@eu.citrix.com> wrote: > From: Jan Beulich <jbeul...@suse.com> > > Otherwise the guest can abuse that control to cause e.g. PCIe > Unsupported Request responses (by disabling memory and/or I/O decoding > and subsequently causing [CPU side] accesses to the respective address > ranges), which (depending on system configuration) may be fatal to the > host. > > This is CVE-2015-2756 / XSA-126. > > Signed-off-by: Jan Beulich <jbeul...@suse.com> > Reviewed-by: Stefano Stabellini <stefano.stabell...@eu.citrix.com> > Acked-by: Ian Campbell <ian.campb...@citrix.com>
Oops, this one got lost. I'm going to commit it to qemu master tomorrow (so it will go in -rc3), unless there are objections (I can't really tell from the thread what the conclusion of the discussion was). -- PMM
