Vulnerability Details CVE-2020-25741
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.4%
CVSS Severity
CVSS v3 Score 3.2
CVSS v2 Score 2.1
References
- http://www.openwall.com/lists/oss-security/2020/09/29/1
- https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05295.html
- https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Ffdc_nullptr1
- https://security.netapp.com/advisory/ntap-20201009-0005/
- http://www.openwall.com/lists/oss-security/2020/09/29/1
- https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05295.html
- https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Ffdc_nullptr1
- https://security.netapp.com/advisory/ntap-20201009-0005/