CVE-2020-35505

Description

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
qemu	26.04 LTS resolute	Fixed 1:6.0+dfsg-1~ubuntu3
	25.10 questing	Fixed 1:6.0+dfsg-1~ubuntu3
	25.04 plucky	Fixed 1:6.0+dfsg-1~ubuntu3
	24.10 oracular	Fixed 1:6.0+dfsg-1~ubuntu3
	24.04 LTS noble	Fixed 1:6.0+dfsg-1~ubuntu3
	23.10 mantic	Fixed 1:6.0+dfsg-1~ubuntu3
	23.04 lunar	Fixed 1:6.0+dfsg-1~ubuntu3
	22.10 kinetic	Fixed 1:6.0+dfsg-1~ubuntu3
	22.04 LTS jammy	Fixed 1:6.0+dfsg-1~ubuntu3
	21.10 impish	Fixed 1:6.0+dfsg-1~ubuntu3
	21.04 hirsute	Fixed 1:5.2+dfsg-9ubuntu3.1
	20.10 groovy	Fixed 1:5.0-5ubuntu9.9
	20.04 LTS focal	Fixed 1:4.2-3ubuntu6.17
	18.04 LTS bionic	Fixed 1:2.11+dfsg-1ubuntu7.37
	16.04 LTS xenial	Fixed 1:2.5+dfsg-5ubuntu10.51+esm4
	14.04 LTS trusty	Fixed 2.0.0+dfsg-2ubuntu1.47+esm6
qemu-kvm	26.04 LTS resolute	Not in release
	25.10 questing	Not in release
	25.04 plucky	Not in release
	24.10 oracular	Not in release
	24.04 LTS noble	Not in release
	23.10 mantic	Not in release
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	21.10 impish	Not in release
	21.04 hirsute	Not in release
	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro 30-day free trial

Notes

mdeslaur

same commits as CVE-2020-35504

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
qemu	Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=0db895361b8a82e1114372ff9f48 Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=e392255766071c8cac480da3a9ae Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=e5455b8c1c6170c788f3c0fd577c Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=c5fef9112b15c4b5494791cdf8bb Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=7b320a8e67a534925048cbabfa51 Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=99545751734035b76bd372c4e721 Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=fa7505c154d4d00ad89a747be2ed Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=fbc6510e3379fa8f8370bf71198f Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=0ebb5fd80589835153a0c2baa1b8 Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=324c8809897c8c53ad05c3a7147d Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=607206948cacda4a80be5b976dba

Package

Patch details

qemu

Severity score breakdown

CVSS version: CVSS v3.0

Base score 4.4 · Medium

Base metrics

Parameter	Value
Attack vector	Local
Attack complexity	Low
Privileges required	High
User interaction	None
Scope	Unchanged
Confidentiality impact	None
Integrity impact	None
Availability impact	High

Scores

Parameter	Value
Base score	4.4 · Medium
Exploitability score	-
Impact score	-

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

USN-5010-1
QEMU vulnerabilities
15 July 2021

USN-8412-1
QEMU vulnerabilities
9 June 2026

CVE-2020-35505

Cvss 3 Severity Score

Description

Status

Get expanded security coverage with Ubuntu Pro

Notes

mdeslaur

Patch details

Severity score breakdown

References

Related Ubuntu Security Notices (USN)

Other references

Access our resources on patching vulnerabilities