Qemu · Qemu · CVE-2020-25742
**Name of the Vulnerable Software and Affected Versions**
QEMU versions prior to 5.1.1
**Description**
The issue is related to a NULL pointer dereference in the `pci change irq level` function in `hw/pci/pci.c`. This occurs because `pci get bus()` might not return a valid pointer, potentially allowing an attacker to cause a denial of service.
**Recommendations**
For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue.
As a temporary workaround, consider restricting access to the `pci change irq level` function in `hw/pci/pci.c` until a patch is available.