The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qemu | Qemu | * | 7.0.0 (including) |
Qemu | Ubuntu | bionic | * |
Qemu | Ubuntu | lunar | * |
Qemu | Ubuntu | trusty | * |
Qemu | Ubuntu | xenial | * |