Hello, it's been puzzling me for a while that these fixes, despite having the necessary Cc, did not make it into (at least) 4.1.y and 3.12.y yet. Unless there's a specific reason, may I ask for inclusion of CVE-2015-8550 / XSA-155: 454d5d882c xen: Add RING_COPY_REQUEST() 0f589967a7 xen-netback: don't use last request to determine minimum Tx credit 68a33bfd84 xen-netback: use RING_COPY_REQUEST() throughout 1f13d75ccb xen-blkback: only read request operation from shared ring once 1877914910 xen-blkback: read from indirect descriptors only once be69746ec1 xen-scsiback: safely copy requests 8135cf8b092 xen/pciback: Save xen_pci_op commands before processing it plus the follow-up fix d159457b84 xen/pciback: Save the number of MSI-X entries to be copied later. CVE-2015-8551, CVE-2015-8552 / XSA-157: 56441f3c8e xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled 5e0ce1455c xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled a396f3a210 xen/pciback: Do not install an IRQ handler for MSI interrupts. 7cfb905b96 xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled. 408fb0e5aa xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set. plus the follow-up fix 8d47065f7d xen/pciback: Check PF instead of VF for PCI_COMMAND_MEMORY Thanks, Jan -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html