The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. CREATE(Triage):(User=admin) CVE-2022-36648 (https://nvd.nist.gov/vuln/detail/CVE-2022-36648)