A NULL pointer dereference flaw was found in the LSI53C895A SCSI Host Bus Adapter emulator of QEMU. This flaw occurs while processing ‘Memory Move’ instructions to move data between DMA memory and I/O address space via lsi_memcpy(). This flaw allows a guest user or process to crash the QEMU process, resulting in a denial of service.
bugzilla.redhat.com/show_bug.cgi?id=1883178
nvd.nist.gov/vuln/detail/CVE-2020-25742
ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1
www.cve.org/CVERecord?id=CVE-2020-25742
www.manualslib.com/manual/1407578/Lsi-Lsi53c895a.html?page=254#manual
www.openwall.com/lists/oss-security/2020/09/29/1