A NULL pointer dereference was found in the ACPI code of QEMU. The flaw lies in hw/acpi/pcihp.c in pci_write() where the `bus` pointer is used without checking if it's NULL, probably because an invalid selector was supplied. A malicious privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
Updated upstream patch: https://email@example.com/msg857944.html (not listing any CVE)
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 2036574]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2022:1759 https://access.redhat.com/errata/RHSA-2022:1759
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):