QEMU emulator built with the AHCI emulator support is vulnerable to a NULL pointer dereference issue. It could occur while committing DMA buffer in ahci_commit_buf() if the command header 'ad->cur_cmd' is null.
A privileged guest user could use this flaw to crash the QEMU process instance resulting in DoS.
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1759911]
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1759910]
The qemu-kvm package versions as shipped with Red Hat Enterprise Linux 6 and 7 are not affected by this issue.
The qemu-kvm package version as shipped with Red Hat Enterprise Linux 8 is affected by this issue. Future qemu-kvm updates for Red Hat Enterprise Linux 8 may address this issue.