CVE-2015-4106

EPSS 0.08%

Published: 6/3/2015Modified: 4/28/2026

Description

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

Affected packages (2)

Debian/qemufrom 0, < 1:2.3+dfsg-5
Debian/xenfrom 0, < 4.4.0-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-4106