ID CVE-2020-35506
Summary A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process.
References
Vulnerable Configurations
  • cpe:2.3:a:qemu:qemu:6.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.0.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.0.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.0.0:rc5:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.0.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.1.50:*:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.1.50:*:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.2.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.2.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.2.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.2.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:6.2.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:6.2.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:07-20-2020:*:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:07-20-2020:*:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:7.0.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:7.0.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:qemu:qemu:2021-05-05:*:*:*:*:*:*:*
    cpe:2.3:a:qemu:qemu:2021-05-05:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 31-08-2022 - 19:22)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
Last major update 31-08-2022 - 19:22
Published 28-05-2021 - 11:15
Last modified 31-08-2022 - 19:22
Back to Top