What the vulnerability does

01Description

A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

May 28, 2021 CVE published
August 4, 2024 Record updated