CVE-2020-35505

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Published: May 28, 2021
Updated: Apr 14, 2023
CVE: CVE-2020-35505
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.4
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
qemu / qemu	-	6.0.0
qemu / qemu	6.0.0-rc2	6.0.0-rc2.x
qemu / qemu	6.0.0-rc1	6.0.0-rc1.x
debian / debian_linux	10.0	10.0.x

http://www.openwall.com/lists/oss-security/2021/04/16/3
https://bugzilla.redhat.com/show_bug.cgi?id=1909769
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
https://security.gentoo.org/glsa/202208-27
https://security.netapp.com/advisory/ntap-20210713-0006/
https://www.openwall.com/lists/oss-security/2021/04/16/3

Vulnerability Database

CVE-2020-35505