Tom Victor

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue allows local guest OS administrators to cause a denial of service, resulting in a QEMU process crash. This is achieved through vectors involving MPTSAS CONFIG PACK, specifically via the `mptsas config manufacturing 1` and `mptsas config ioc 0` functions in the hw/scsi/mptconfig.c file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QEMU (aka Quick Emulator) (affected versions not specified) **Description** The issue allows local guest OS administrators to cause a denial of service. This can be achieved by exploiting a crafted page count for descriptor rings, potentially leading to out-of-bounds access, an infinite loop, and a QEMU process crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.