CVE-2015-4103

Priority
Medium
Description
Xen 3.3.x through 4.5.x does not properly restrict write access to the host
MSI message data field, which allows local x86 HVM guest administrators to
cause a denial of service (host interrupt handling confusion) via vectors
related to qemu and accessing spanning multiple fields.
References
Bugs
Assigned-to
mdeslaur
Package
Source: xen (LP Ubuntu Debian)
Upstream:needed
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.2-0ubuntu0.14.04.2)
Patches:
Upstream:http://xenbits.xen.org/xsa/xsa128-qemut.patch
Upstream:http://xenbits.xen.org/xsa/xsa128-qemuu-4.3.patch
Upstream:http://xenbits.xen.org/xsa/xsa128-qemuu.patch
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needed
Ubuntu 14.04 LTS (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.13)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=5c83b2f5b4b956e91dd6e5711f14df7ab800aefb
More Information

Updated: 2018-06-26 04:58:03 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)