PT-2021-11778 · Qemu+3 · Qemu+3

Published

2021-06-02

Updated

2024-06-15

CVE-2020-35503

CVSS v3.1

6.0

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 6.0

Description: A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU. This issue occurs in the megasas command cancelled() callback function while dropping a SCSI request. The flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Recommendations: For QEMU versions prior to 6.0, update to a version later than 6.0 to resolve the issue. As a temporary workaround, consider disabling the megasas command cancelled() function until a patch is available. Restrict access to the megasas-gen2 SCSI host bus adapter emulation to minimize the risk of exploitation.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2021-2713

ALT-PU-2021-3363

CVE-2020-35503

ECHO-C252-AE80-9DB0

OPENSUSE-SU-2021:1202-1

OPENSUSE-SU-2021:2789-1

OPENSUSE-SU-2021:2858-1

OPENSUSE-SU-2021:3614-1

OPENSUSE-SU-2021_1202-1

OPENSUSE-SU-2021_2789-1

OPENSUSE-SU-2021_2858-1

OPENSUSE-SU-2021_3614-1

OPENSUSE-SU-2024:11907-1

SUSE-SU-2021:2789-1

SUSE-SU-2021:2813-1

SUSE-SU-2021:2858-1

SUSE-SU-2021:3575-1

SUSE-SU-2021:3613-1

SUSE-SU-2021:3614-1

SUSE-SU-2021:3635-1

SUSE-SU-2021_2789-1

SUSE-SU-2021_2813-1

SUSE-SU-2021_2858-1

SUSE-SU-2021_3575-1

SUSE-SU-2021_3613-1

SUSE-SU-2021_3614-1

SUSE-SU-2021_3635-1

Affected Products

Alt Linux

Debian

Qemu

Suse

PT-2021-11778 · Qemu+3 · Qemu+3

CVE-2020-35503

Weakness Enumeration

Related Identifiers

Affected Products

References · 72