Bugzilla – Bug 1176810
VUL-1: CVE-2020-25741: kvm,qemu: fdc: null pointer dereference during r/w data transfer
Last modified: 2023-03-08 04:23:21 UTC
A null pointer dereference issue was found in the floppy disk emulator of QEMU. It could occur while transferring data via the fdctrl_read_data() and fdctrl_write_data() routines if the current drive has a null block pointer. A guest may use this flaw to crash the QEMU process on the host, resulting in a DoS scenario.
Affects all supported code streams.
The code in qemu-1.4.2 and older is slightly different, but also lacks the null pointer check.
This issue is rather old, and the proposed patch never made it upstream, nor was it replaced/superseded by any other one (i.e., the upstream code is still there and still looks the same way as it did back then, without this patch).
Shall we close it?
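To illustrate the defect class described in this report, here is an added, simplified model of the controller's data-transfer path (this is not QEMU's code; the Drive/Controller types and the field names blk, cur_drv and pos are assumptions). It shows the unchecked read beside a hardened read/write pair that refuses the transfer when the selected drive has no backing block.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model of a floppy drive and its controller (assumed names). */
typedef struct {
    uint8_t *blk;   /* backing media; NULL when no image is attached */
    size_t len;     /* media size in bytes */
} Drive;

typedef struct {
    Drive *cur_drv; /* drive currently selected by the guest */
    size_t pos;     /* byte offset of the in-flight transfer */
    int error;      /* set when a transfer is refused instead of crashing */
} Controller;

/* Vulnerable shape: dereferences blk without checking it, so a guest that
 * starts a transfer on a drive with no media crashes the emulator. */
uint8_t read_data_unchecked(Controller *c)
{
    return c->cur_drv->blk[c->pos++];
}

/* Hardened shape: a drive with no backing block (or an out-of-range
 * offset) fails the transfer and flags an error for the guest. */
int read_data_checked(Controller *c, uint8_t *out)
{
    Drive *d = c->cur_drv;
    if (d == NULL || d->blk == NULL || c->pos >= d->len) {
        c->error = 1;
        return -1;
    }
    *out = d->blk[c->pos++];
    return 0;
}

int write_data_checked(Controller *c, uint8_t val)
{
    Drive *d = c->cur_drv;
    if (d == NULL || d->blk == NULL || c->pos >= d->len) {
        c->error = 1;
        return -1;
    }
    d->blk[c->pos++] = val;
    return 0;
}

/* Constructed scenario: a drive with media, then a drive with none.
 * Returns 0 when the checked path behaves as intended. */
int demo_transfer(void)
{
    uint8_t media[4] = {0xAA, 0xBB, 0xCC, 0xDD};
    Drive with = {media, sizeof media};
    Drive none = {NULL, 0};
    Controller c = {&with, 0, 0};
    uint8_t b = 0;
    if (read_data_checked(&c, &b) != 0 || b != 0xAA) return 1;
    if (write_data_checked(&c, 0x11) != 0 || media[1] != 0x11) return 2;
    c.cur_drv = &none;
    c.pos = 0;
    if (read_data_checked(&c, &b) != -1 || c.error != 1) return 3;
    if (write_data_checked(&c, 0x22) != -1) return 4;
    return 0;
}
```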