Bugzilla – Bug 1119989
VUL-1: CVE-2018-20125: kvm,qemu: a null pointer dereference in qemu's implementation crashes qemu or creates DOS
Last modified: 2019-01-09 22:46:40 UTC
A Null pointer dereference issue was found in QEMU's implementation of
VMWare's paravirtual RDMA device. It could occur while creating CQ/QP ring
objects in pvrdma_ring_init() routine. A guest user/process could use this flaw to crash QEMU process or allocate excessive memory on host resulting in DoS.
Fix added to qemu package about to be submitted to openSUSE:Factory and SLE15-SP1. No other qemu packages we ship are affected.