QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qemu | Qemu | * | 2.9.1 |
Qemu | Qemu | 2.10.0 | 2.10.0 |
Qemu | Qemu | 2.10.0 | 2.10.0 |
Qemu | Qemu | 2.10.0 | 2.10.0 |