AVG-1308 log

Package qemu
Status Vulnerable
Severity Medium
Type multiple issues
Affected 5.2.0-2
Fixed Unknown
Current 5.2.0-2 [extra]
Ticket Create
Created Tue Dec 1 10:59:29 2020
Issue Severity Remote Type Description
CVE-2020-35506 Medium No Arbitrary code execution
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU. It could occur in the esp_do_dma() function in...
CVE-2020-35505 Low No Denial of service
A NULL pointer dereference issue was found in the am53c974 SCSI host bus adapter emulation of QEMU. It could occur in the do_busid_cmd() function in...
CVE-2020-35504 Low No Denial of service
A NULL pointer dereference issue was found in the SCSI emulation support of QEMU. It could occur in the scsi_req_continue() function in hw/scsi/scsi-bus.c...
CVE-2020-35503 Low No Denial of service
A NULL pointer dereference issue was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU. It could occur in the megasas_command_cancelled()...
CVE-2020-27821 Medium No Denial of service
A heap buffer overflow was found in the Message Signaled Interrupt (MSI-X) device support of QEMU. The overflow could occur due to an out-of-bounds write of...
CVE-2020-14394 Low No Denial of service
An infinite loop issue was found in the USB xHCI controller emulation of QEMU. Specifically, function xhci_ring_chain_length() in hw/usb/hcd-xhci.c may get...