CVE-2020-35504: NULL Pointer Dereference in QEMU

Severity

NVD: 6.0 MEDIUM
OSV: 2.3
EPSS: 0.1% (top 68.63%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline

Published: May 28
Latest update: May 24

Description

A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Exploitability: 1.5 | Impact: 4.0

Affected Packages (6 packages)

NVD: qemu/qemu < 6.0.0
debian: debian/qemu < qemu 1:6.0+dfsg-3 (bookworm)
Debian: qemu/qemu < 1:6.0+dfsg-3+2
Ubuntu: qemu/qemu < 1:2.11+dfsg-1ubuntu7.37+1
CVEListV5: qemu/qemu qemu 6.0.0

Also affects: Debian Linux 10.0, Fedora 33

Patches

🔴 Vulnerability Details (3)

GHSA (2022-05-24): GHSA-9hxx-56x6-jhj8: A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6
OSV (2021-07-15): qemu vulnerabilities
OSV (2021-05-28): CVE-2020-35504: A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6

📋 Vendor Advisories (4)

Ubuntu (2021-07-15): QEMU vulnerabilities
Microsoft (2021-05-11): A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a
Red Hat (2020-12-21): QEMU: NULL pointer dereference in scsi_req_continue() in hw/scsi/scsi-bus.c
Debian (2020): CVE-2020-35504: qemu - A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU ...