PT-2020-5189 · Qemu+4 · Qemu+4

Alexander Bulekov

Published

2020-05-02

Updated

2024-06-15

CVE-2020-13659

CVSS v3.1

2.5

Low

Vector

AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions QEMU version 4.2.0

Description The issue is related to a NULL pointer dereference in the address space map function in exec.c, which is connected to BounceBuffer. This can potentially lead to a denial of service.

Recommendations For QEMU version 4.2.0, consider updating to a newer version that contains a fix for this issue, as the current version can trigger a NULL pointer dereference related to BounceBuffer. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2020-1912

ALT-PU-2020-2431

BDU:2020-05809

CVE-2020-13659

DLA-2288-1

DSA-4728-1

OPENSUSE-SU-2020:1108-1

OPENSUSE-SU-2020_1108-1

OPENSUSE-SU-2024:11287-1

SUSE-SU-2020:2015-1

SUSE-SU-2021:1240-1

SUSE-SU-2021:1241-1

SUSE-SU-2021:1242-1

SUSE-SU-2021:1244-1

SUSE-SU-2021:1245-1

SUSE-SU-2021:1305-1

USN-4467-1

USN-4467-2

USN-4467-3

Affected Products

Alt Linux

Linuxmint

Qemu

Suse

Ubuntu

PT-2020-5189 · Qemu+4 · Qemu+4

CVE-2020-13659

Weakness Enumeration

Related Identifiers

Affected Products

References · 245