Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

CVE-2020-35504

Published: 28 May 2021

A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Priority

Low

Cvss 3 Severity Score

6.0

Score breakdown

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian 		upstream Needs triage

hirsute
Released (1:5.2+dfsg-9ubuntu3.1)
trusty Needed

bionic
Released (1:2.11+dfsg-1ubuntu7.37)
focal
Released (1:4.2-3ubuntu6.17)
groovy
Released (1:5.0-5ubuntu9.9)
impish
Released (1:6.0+dfsg-1~ubuntu3)
jammy
Released (1:6.0+dfsg-1~ubuntu3)
kinetic
Released (1:6.0+dfsg-1~ubuntu3)
lunar
Released (1:6.0+dfsg-1~ubuntu3)
xenial Needed

mantic
Released (1:6.0+dfsg-1~ubuntu3)
Patches:
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=0db895361b8a82e1114372ff9f48 (main)
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=e392255766071c8cac480da3a9ae
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=e5455b8c1c6170c788f3c0fd577c
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=c5fef9112b15c4b5494791cdf8bb
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=7b320a8e67a534925048cbabfa51
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=99545751734035b76bd372c4e721
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=fa7505c154d4d00ad89a747be2ed
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=fbc6510e3379fa8f8370bf71198f
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=0ebb5fd80589835153a0c2baa1b8
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=324c8809897c8c53ad05c3a7147d
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=607206948cacda4a80be5b976dba
qemu-kvm
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

mantic Does not exist

Severity score breakdown

Parameter Value
Base score 6.0
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Scope Changed
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading