A NULL pointer dereference flaw was found in the QEMU emulator’s IDE AHCI emulator. Exploitation of the flaw could occur while committing DMA buffer in ahci_commit_buf() if the command header ‘ad->cur_cmd’ was null. A privileged guest user could use this flaw to crash the QEMU process instance resulting in DoS. Reduced performance of the system is the highest threat to the system.