Vulnerabilities > CVE-2020-35506 - Use After Free vulnerability in Qemu

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

qemu

CWE-416

NVD

Published: 2021-05-28

Updated: 2022-08-31

Summary

A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process.

Vulnerable Configurations

Part	Description	Count
Application	Qemu Qemu Qemu 6.0.0 Qemu Qemu 6.1.0 Qemu Qemu 6.1.50 Qemu Qemu 6.2.0 Qemu Qemu 07-20-2020 Qemu Qemu 7.0.0 Qemu Qemu 2021-05-05	29

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

http://www.openwall.com/lists/oss-security/2021/04/16/3
https://www.openwall.com/lists/oss-security/2021/04/16/3
https://bugzilla.redhat.com/show_bug.cgi?id=1909996
https://security.netapp.com/advisory/ntap-20210713-0006/
https://security.gentoo.org/glsa/202208-27