FreeBSD : xen-tools -- Unmediated PCI register access in qemu (3d657340-27ea-11e5-a4a5-002590263bf5)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The Xen Project reports :

Qemu allows guests to not only read, but also write all parts of the
PCI config space (but not extended config space) of passed through PCI
devices not explicitly dealt with for (partial) emulation purposes.

Since the effect depends on the specific purpose of the the config
space field, it's not possible to give a general statement about the
exact impact on the host or other guests. Privilege escalation, host
crash (Denial of Service), and leaked information all cannot be
excluded.

See also :

http://xenbits.xen.org/xsa/advisory-131.html
http://www.nessus.org/u?1804da88

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84699 ()

Bugtraq ID:

CVE ID: CVE-2015-4106

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now