Описание
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
A NULL pointer dereference flaw was found in the MegaRAID SAS 8708EM2 emulator of the QEMU. This issue occurs because the address_space_map() API while mapping physical memory into the host's virtual address space, may return NULL without setting the length parameter to zero (0). This flaw allows a guest user or process to crash the QEMU process on the host resulting in a denial of service.
Отчет
In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP qemu-kvm-rhev package.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-ma | Fix deferred | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Fix deferred | ||
| Red Hat Enterprise Linux 8 | virt:rhel/qemu-kvm | Fix deferred | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/qemu-kvm | Fix deferred | ||
| Red Hat Enterprise Linux 9 | qemu-kvm | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | qemu-kvm-rhev | Will not fix | ||
| Red Hat OpenStack Platform 13 (Queens) | qemu-kvm-rhev | Will not fix |
Показывать по
Дополнительная информация
Статус:
2.5 Low
CVSS3
Связанные уязвимости
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer d ...
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
2.5 Low
CVSS3