A Null pointer dereference issue was found in QEMU's implementation of VMWare's paravirtual RDMA device. It could occur while performing UAR read operation, as it did not define a routine to handle it. A guest user/process could use this flaw to crash QEMU process on host, resulting in DoS. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html Reference: ---------- -> https://www.openwall.com/lists/oss-security/2018/12/18/1
Acknowledgments: Name: Li Qiang
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1660315]