CVE-2020-35506
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process.
Se encontró una vulnerabilidad de uso de memoria previamente liberada en la emulación del adaptador bus de host SCSI am53c974 de QEMU en versiones anteriores a 6.0.0, durante el manejo del comando "Information Transfer" (CMD_TI). Este fallo permite a un usuario invitado privilegiado bloquear el proceso QEMU en el host, resultando en una denegación de servicio o una posible ejecución de código con los privilegios del proceso QEMU
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-12-17 CVE Reserved
- 2021-05-28 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2021/04/16/3 | Mailing List |
|
| https://bugzilla.redhat.com/show_bug.cgi?id=1909996 | Issue Tracking | |
| https://security.netapp.com/advisory/ntap-20210713-0006 | Third Party Advisory |
|
| https://www.openwall.com/lists/oss-security/2021/04/16/3 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/202208-27 | 2022-08-31 |