A divide-by-zero issue was found in the Xilinx Zynq platform emulation of QEMU, available through arm/aarch64 targets. Specifically, the function zynq_slcr_compute_pll() in hw/misc/zynq_slcr.c computes the output frequency using the input frequency and the PLL_CTRL register without properly validating the latter. A guest user may be able to exploit this flaw to crash the QEMU process on the host, resulting in a denial of service.
Acknowledgments: Name: Gaoning Pan (Zhejiang University)
Created qemu tracking bugs for this issue:
Affects: epel-7 [bug 1906514]
Affects: fedora-all [bug 1906513]
Statement: This issue does not affect the versions of `qemu-kvm` as shipped with Red Hat products, as they do not include support for the Xilinx Zynq platform emulation. Additionally, Red Hat Product Security does not consider this bug to be a security vulnerability because it only affects the non-virtualization use case. For further information, please refer to the QEMU Security page: https://www.qemu.org/docs/master/system/security.html.
FWIW, upstream fix: https://git.qemu.org/?p=qemu.git;a=commit;h=98a8cc741dad9cb4738f81a994bcf8d77d619152
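The defect class described in this report, a guest-writable register field used as a divisor without validation, shown beside a checked form. This is an added example, not QEMU's code and not the upstream patch; the register layout, the function names and the choice to report a zero field as an error with a stopped clock are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout of a guest-writable PLL control register (illustrative). */
#define CTRL_RESET      (1u << 0)
#define CTRL_PWRDWN     (1u << 1)
#define CTRL_BYPASS     (1u << 4)
#define CTRL_DIV_SHIFT  12
#define CTRL_DIV_MASK   (0x7fu << CTRL_DIV_SHIFT)

/* 'Before' pattern: the divisor field comes straight from the guest.
 * A register value with a zero divisor field makes the host divide by zero. */
uint64_t pll_compute_unchecked(uint64_t input, uint32_t ctrl)
{
    uint32_t div = (ctrl & CTRL_DIV_MASK) >> CTRL_DIV_SHIFT;
    if (ctrl & CTRL_BYPASS) return input;
    if (ctrl & (CTRL_RESET | CTRL_PWRDWN)) return 0;
    return input / div;
}

/* Checked form: validate the field before it is used as a divisor.
 * Returns false (and a stopped clock, 0) for a zero field so the caller
 * can log a guest error instead of the emulator process trapping. */
bool pll_compute_checked(uint64_t input, uint32_t ctrl, uint64_t *out)
{
    uint32_t div = (ctrl & CTRL_DIV_MASK) >> CTRL_DIV_SHIFT;
    if (ctrl & CTRL_BYPASS) { *out = input; return true; }
    if (ctrl & (CTRL_RESET | CTRL_PWRDWN)) { *out = 0; return true; }
    if (div == 0) { *out = 0; return false; }
    *out = input / div;
    return true;
}

int main(void)
{
    /* Constructed register values: divisor 26, divisor 0, bypass with divisor 0. */
    const uint32_t samples[] = { 26u << CTRL_DIV_SHIFT, 0u, CTRL_BYPASS };
    for (size_t i = 0; i < 3; i++) {
        uint64_t out;
        bool ok = pll_compute_checked(2600, samples[i], &out);
        printf("ctrl=0x%08x ok=%d out=%llu\n",
               (unsigned)samples[i], ok, (unsigned long long)out);
    }
    return 0;
}
```
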