$NetBSD: patch-CVE-2014-1666,v 1.1 2014/01/24 17:07:36 drochner Exp $

http://lists.xenproject.org/archives/html/xen-devel/2014-01/msg02075.html

--- xen/arch/x86/physdev.c.orig	2014-01-24 16:04:18.000000000 +0000
+++ xen/arch/x86/physdev.c	2014-01-24 16:05:09.000000000 +0000
@@ -554,7 +554,9 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H
     case PHYSDEVOP_release_msix: {
         struct physdev_pci_device dev;
 
-        if ( copy_from_guest(&dev, arg, 1) )
+        if ( !IS_PRIV(v->domain) )
+	    ret = -EPERM;
+        else if ( copy_from_guest(&dev, arg, 1) )
             ret = -EFAULT;
         else if ( dev.seg )
             ret = -EOPNOTSUPP;
