| 제목 | CVE-2020-35503 - NULL Pointer in QEMU |
|---|
| 설명 | A NULL pointer dereference issue was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU. It could occur in the megasas_command_cancelled() callback function in hw/scsi/megasas.c while dropping a SCSI request. A privileged guest user may exploit this issue to crash the QEMU process on the host, resulting in a denial of service condition.
|
|---|
| 원천 | ⚠️ https://bugzilla.redhat.com/show_bug.cgi?id=1910346 |
|---|
| 사용자 | CSieberg (UID 13359) |
|---|
| 제출 | 2021. 01. 13. AM 09:37 (5 연령 ago) |
|---|
| 모더레이션 | 2021. 01. 13. PM 01:47 (4 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 167799 [QEMU megasas-gen2 SCSI Host Bus Adapter Emulation hw/scsi/megasas.c megasas_command_cancelled 서비스 거부] |
|---|
| 포인트들 | 16 |
|---|