FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-tools -- Guest triggerable qemu MSI-X pass-through error messages

Affected packages
3.3 <= xen-tools < 4.5.0_6

Details

VuXML ID cbe1a0f9-27e9-11e5-a4a5-002590263bf5
Discovery 2015-06-02
Entry 2015-07-11

The Xen Project reports:

Device model code dealing with guest PCI MSI-X interrupt management activities logs messages on certain (supposedly) invalid guest operations.

A buggy or malicious guest repeatedly invoking such operations may result in the host disk to fill up, possibly leading to a Denial of Service.

References

CVE Name CVE-2015-4105
URL http://xenbits.xen.org/xsa/advisory-130.html