The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | IGSS Definition (Def.exe) version 14.0.0.20247 and prior |