The vulnerability of the implementation of the address_space_translate_for_iotlb() function in the QEMU hardware emulation software allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the addressspacetranslateforiotlb function in the QEMU hardware emulation implementation is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a attacker to cause a system failure or execute arbitrary code...