CVE-2020-15469

Advisory lineage Upstream: 0 Downstream: 15
Modified
Published: 02 Jul 2020, 19:25
Last modified:04 Aug 2024, 13:15

Vulnerability Summary

Overall Risk (default)
minimal
9/100
CVSS Score
2.3 LOW
v3.1 (nvd)
EPSS Score
0.05% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

02 Jul 2020, 19:25
Published
Vulnerability first disclosed
04 Aug 2024, 13:15
Last Modified
Vulnerability information updated

Description

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

CVSS Metrics

  • v3.1LOWScore: 2.3CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
  • v2.0LOWScore: 2.1AV:L/AC:L/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 0.05% Percentile: 15%

Techniques & Countermeasures

  • CWE-476NULL Pointer Dereference

    The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

  • debiandebian_linux

    9.0 | 10.0

  • qemuqemu

    ≤ 5.0.1

References (4)