CVE-2014-3471 Qemu: hw: pci: use after free triggered via guest

[P J P <ppandit () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   Hello,

Qemu PCIe bus support is vulnerable to a use-after-free flaw. It could occur
via guest, when it tries to hotplug/hotunplug devices on the guest.

A user able to add & delete Virtio block devices on a guest could use this
flaw to crash the Qemu instance resulting in DoS.

Upstream fix:
- -------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2014-06/msg05283.html

Thank you.
- --
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTqCZDAAoJEN0TPTL+WwQf6ooP/04A9RjbsqIomiYV5XaVQCU4
BRf3YUoxcwxm9RvnJbdteEfjNCbsjtVDZ07u9JOr06zlgI7CiO+Mgv9NtQUHeZAb
JafpFbBMKfTykjyWyvubVihfugYHAZwY5UdHXdfazeZuZrnSVA7b98szBGrwe075
yPUTVf5G49F1Y8z4TvRFiG6rYj19cQihoKwzboJ+LJjNTVk5stBEUxEXwFYcIPIw
BHdiy/Uqq9HzmUlimOgEZ7ixlDWC92zlln0CWgaKK5KugEwiyOtmA6n4B6BbQbo5
0e0XimJ67dC6nNfRn9+PDx3IQsJYGJ405mkheL5lDj43hauGDO/by3Oy/Rqns/Nm
+5eycIAy5oD+PCKCv5NynaHS9OG/WjRwbYEQZfGtaLLGQxSR4terQMV2ZBPT92Mt
U6295bR4q56VFpEBqNpSqPs97775kKv717FGZ72y5Hmu2mY3XdEXhLSPqYvwoE0M
azgBGb4s2mc0DZvKz1Yhy8Q7Z0fWRIXyzsZyyzLjfZgEDvgvHUo+Fh7wmfc7hsYx
qlrIocGCad7lTkQGXlC0E8elD5Vfc9FB1g0VK5JRP6EtAez4c+o/KYBEZR6L+vpZ
Q12EHAp/qcQjupDhrjqta7TB+kxTKcHjQ7w81j2JAZhR6XW1FAFrmYVZklqMLgU7
lpULw4V70H6kAXnl87m3
=jtkJ
-----END PGP SIGNATURE-----