hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
The product dereferences a pointer that it expects to be valid but is NULL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qemu | Qemu | * | 3.1.0 (including) |
Qemu | Ubuntu | cosmic | * |
Qemu | Ubuntu | devel | * |