A NULL pointer dereference issue was found in the Floopy disk emulator of QEMU. It could occur while processing read/write ioport commands, if the selected Floopy drive is not initialised with a block device. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario. Upstream patch: --------------- -> https://lists.nongnu.org/archive/html/qemu-devel/2021-01/msg05986.html
Acknowledgments: Name: Gaoning Pan (Zhejiang University & Ant Security Light-Year Lab)
External References: https://bugs.launchpad.net/qemu/+bug/1912780 https://www.openwall.com/lists/oss-security/2021/01/28/1
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1919532] Created xen tracking bugs for this issue: Affects: fedora-all [bug 1919533]
Statement: This issue affects the version of the qemu-kvm package shipped with Red Hat Enterprise Linux 5, 6, 7 and 8. Future qemu-kvm package updates for Red Hat Enterprise Linux 7 and 8 may address this issue. This has been rated as having Low security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5 & 6. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
This issue has been addressed in the following products: Advanced Virtualization for RHEL 8.4.0.EUS Via RHSA-2022:0325 https://access.redhat.com/errata/RHSA-2022:0325
This issue has been addressed in the following products: Advanced Virtualization for RHEL 8.5.0.Z Via RHSA-2022:0397 https://access.redhat.com/errata/RHSA-2022:0397
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-20196
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1759 https://access.redhat.com/errata/RHSA-2022:1759