Description
A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-3099-1 | qemu security update |
EUVD |
EUVD-2020-23173 | A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. |
Ubuntu USN |
USN-5010-1 | QEMU vulnerabilities |
Ubuntu USN |
USN-8412-1 | QEMU vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-04T17:02:08.026Z
Reserved: 2020-12-17T00:00:00.000Z
Link: CVE-2020-35504
No data.
Status : Modified
Published: 2021-05-28T11:15:07.750
Modified: 2026-06-17T03:13:49.590
Link: CVE-2020-35504
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-476
NULL Pointer Dereference
Debian DLA
EUVD
Ubuntu USN