Qemu emulator built with the LSI53C895A SCSI Host Bus Adapter emulation support is vulnerable to an infinite loop issue. It could occur when executing a script in lsi_execute_script(). The LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. A privileged user inside guest could use this flaw to consume CPU cycles on the host resulting in DoS scenario. Upstream patch: --------------- -> https://git.qemu.org/?p=qemu.git;a=commit;h=de594e47659029316bbf9391efb79da0a1a08e08
Created qemu tracking bugs for this issue: Affects: epel-7 [bug 1773751] Affects: fedora-all [bug 1773750]
The device is not included in RHEL.
Statement: The qemu-kvm package versions as shipped with Red Hat Enterprise Linux 6, 7, and 8 are not affected by this issue, as the device, LSI53C895A, is not included in these versions.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1782735]