A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the \'Information Transfer\' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Find out more about CVE-2020-35505 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
Product Name | Status | Defect | Fixed | Downloads |
---|---|---|---|---|
Linux | ||||
Wind River Linux LTS 17 | Fixed | -- | 10.17.41.24 | -- |
Wind River Linux 8 | Requires LTSS | -- | -- | -- |
Wind River Linux 9 | Requires LTSS | -- | -- | -- |
Wind River Linux 7 | Requires LTSS | -- | -- | -- |
Wind River Linux LTS 21 | Won't Fix |
LIN1021-275 |
-- | -- |
Wind River Linux LTS 22 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 18 | Fixed | -- | 10.18.44.23 | -- |
Wind River Linux LTS 19 | Fixed | -- | 10.19.45.17 | -- |
Wind River Linux CD release | Fixed | -- | 10.21.17.0 | -- |
Wind River Linux 6 | Requires LTSS | -- | -- | -- |
Wind River Linux LTS 23 | Not Vulnerable | -- | -- | -- |
VxWorks | ||||
VxWorks 7 | Not Vulnerable | -- | -- | -- |
VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
Helix Virtualization Platform Cert Edition | ||||
Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
Product Name | Status | Defect | Fixed | Downloads |
---|