Bugzilla – Bug 1176810
VUL-1: CVE-2020-25741: kvm,qemu: fdc: null pointer dereference during r/w data transfer
Last modified: 2021-11-30 12:55:27 UTC
A null pointer dereference issue was found in the Floppy disk emulator of QEMU. It could occur while transferring data via fdctrl_read_data(), fdctrl_write_data() routines, if current drive has a null block pointer. A guest may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
Affects all supported code streams.
The code in qemu-1.4.2 and older is slightly different, but also lacks the null pointer check.