A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
[
{
"source": "https://gitlab.com/qemu-project/qemu@9bd6565ccee68f72d5012e24646e12a1c662827e",
"target": {
"file": "hw/acpi/pcihp.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-4158-18b1015f",
"digest": {
"line_hashes": [
"29241769371726105858997322140807546074",
"204869718129668260300591851454772074210",
"104609843986139743672680069331723361112",
"16931581179525205007109690658504937315"
],
"threshold": 0.9
}
},
{
"source": "https://gitlab.com/qemu-project/qemu@9bd6565ccee68f72d5012e24646e12a1c662827e",
"target": {
"function": "pci_write",
"file": "hw/acpi/pcihp.c"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-4158-5541ba0b",
"digest": {
"function_hash": "151015625364822090940316435929247005440",
"length": 1035.0
}
}
]