A NULL pointer dereference issue was found in the MegaRAID SAS 8708EM2 emulatior of the QEMU. This issue occurs because the address_space_map() API while mapping physical memory into host's virtual address space may return NULL, without setting the length parameter to zero(0). A guest user/process may use this flaw to crash the QEMU process on the host resulting in DoS scenario. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg07313.html Reference: ---------- -> https://bugs.launchpad.net/qemu/+bug/1878259 -> https://www.openwall.com/lists/oss-security/2020/06/01/3
Acknowledgments: Name: Alexander Bulekov
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1842498]
Statement: In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP qemu-kvm-rhev package.