CVE-2020-35503 log

Source
Severity Low
Remote No
Type Denial of service
Description
A NULL pointer dereference issue was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU. It could occur in the megasas_command_cancelled() callback function in hw/scsi/megasas.c while dropping a SCSI request. A privileged guest user may exploit this issue to crash the QEMU process on the host, resulting in a denial of service condition.
Group Package Affected Fixed Severity Status Ticket
AVG-1308 qemu 5.2.0-4 Medium Vulnerable
References
https://bugzilla.redhat.com/show_bug.cgi?id=1909766