Quick Emulator (QEMU) built with the virtio-9p back-end support is vulnerable to a null pointer dereference issue. It could occur while doing an I/O vector unmarshalling operation in the v9fs_iov_vunmarshal() routine. A privileged user/process inside the guest could use this flaw to crash the QEMU process instance, resulting in DoS.

Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
Acknowledgments: Name: Li Qiang (360.cn Inc.)
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1383293]
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1383292]
commit ba42ebb863ab7d40adc79298422ed9596df8f73a
Author: Li Qiang <liqiang6-s>
Date:   Mon Oct 17 14:13:58 2016 +0200

    9pfs: allocate space for guest originated empty strings
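
The commit title points at the defensive rule: give every guest-supplied string a buffer, even an empty one, so later code never sees a NULL data pointer. The C code below is an added example, not QEMU's code and not part of the original report; it assumes the 9P wire encoding of a string (2-byte little-endian length followed by the bytes), and the names P9String, p9_unmarshal_string and p9_name_is_dot are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical string holder for this example; not QEMU's type. */
typedef struct {
    uint16_t size;
    char *data;
} P9String;

/*
 * Decode one 9P string (2-byte little-endian length, then the bytes).
 * Returns bytes consumed, or -1 on truncated input or failed allocation.
 * On success data is never NULL, even for a zero-length string.
 */
long p9_unmarshal_string(const uint8_t *buf, size_t len, size_t off, P9String *s)
{
    s->size = 0;
    s->data = NULL;
    if (off > len || len - off < 2)
        return -1;                          /* no room for the length */
    uint16_t n = (uint16_t)(buf[off] | (buf[off + 1] << 8));
    if (len - off - 2 < n)
        return -1;                          /* length exceeds the buffer */
    char *p = malloc((size_t)n + 1);        /* +1 keeps "" non-NULL */
    if (p == NULL)
        return -1;
    memcpy(p, buf + off + 2, n);
    p[n] = '\0';
    s->size = n;
    s->data = p;
    return (long)n + 2;
}

/* A typical consumer: it dereferences data without a NULL check. */
int p9_name_is_dot(const P9String *s)
{
    return strcmp(s->data, ".") == 0;
}

int main(void)
{
    const uint8_t empty[] = { 0x00, 0x00 };  /* constructed: empty string */
    P9String s;
    long used = p9_unmarshal_string(empty, sizeof empty, 0, &s);
    if (used < 0) return 1;
    printf("used=%ld size=%u dot=%d\n", used, (unsigned)s.size, p9_name_is_dot(&s));
    free(s.data);
    return 0;
}
```

If the decoder skipped the allocation when the length is zero, `p9_name_is_dot` would pass NULL to `strcmp`, which is the crash class the report describes.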