CVE-2019-20485

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-20485
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-20485.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-20485
Downstream
Related
Published
2020-03-19T02:15:10.880Z
Modified
2026-05-18T05:50:42.997319214Z
Severity
  • 5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).

Database specific 
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "8.0"
                },
                {
                    "last_affected": "9.0"
                },
                {
                    "last_affected": "10.0"
                }
            ],
            "source": "CPE_FIELD",
            "vendor_product": "debian:debian_linux"
        },
        {
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "31"
                }
            ],
            "source": "CPE_FIELD",
            "vendor_product": "fedoraproject:fedora"
        }
    ]
}
References

Affected packages

Git / github.com/libvirt/libvirt

Affected ranges

Type
GIT
Repo
https://github.com/libvirt/libvirt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
10ff7997c510171ab231d7c4a484abc1fecf3e78
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.0.0"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*"
}

Affected versions

Other
CVE-2008-5086
CVE-2010-2238
CVE-2010-2242
CVE-2011-1146
CVE-2011-1486
CVE-2011-2178
CVE-2012-3411
CVE-2012-3445
CVE-2012-4423
CVE-2013-0170
CVE-2013-1962
CVE-2013-2218
CVE-2013-2230
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4291
CVE-2013-4292
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400-1
CVE-2013-4400-2
CVE-2013-4400-3
CVE-2013-4401
CVE-2013-5651
CVE-2013-6436
CVE-2013-6456
CVE-2013-6457
CVE-2013-6458-1
CVE-2013-6458-2
CVE-2013-6458-3
CVE-2013-6458-4
CVE-2013-7336
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447-1
CVE-2014-1447-2
CVE-2014-3633
CVE-2014-3657
CVE-2014-7823
CVE-2014-8131
CVE-2014-8131-1
CVE-2014-8131-2
CVE-2014-8135
CVE-2014-8136
CVE-2015-0236
CVE-2015-0236-1
CVE-2015-0236-2
CVE-2015-5247-1
CVE-2015-5247-2
CVE-2015-5247-3
CVE-2015-5313
CVE-2016-5008
CVE-2017-1000256
CVE-2017-2635
CVE-2018-1064
CVE-2018-5748
CVE-2018-6764
CVE-2019-10132
CVE-2019-10161
CVE-2019-10166
CVE-2019-10167
CVE-2019-10168
CVE-2019-3886
LIBVIRT_0_0_3
LIBVIRT_0_0_4
LIBVIRT_0_0_5
LIBVIRT_0_1_0
LIBVIRT_0_1_1
LIBVIRT_0_1_10
LIBVIRT_0_1_11
LIBVIRT_0_1_3
LIBVIRT_0_1_4
LIBVIRT_0_1_6
LIBVIRT_0_1_7
LIBVIRT_0_1_8
LIBVIRT_0_1_9
LIBVIRT_0_2_0
LIBVIRT_0_2_1
LIBVIRT_0_2_2
LIBVIRT_0_3_0
LIBVIRT_0_3_1
LIBVIRT_0_3_2
LIBVIRT_0_3_3
LIBVIRT_0_4_1
LIBVIRT_0_4_2
LIBVIRT_0_4_4
LIBVIRT_0_4_6
LIBVIRT_0_5_0
LIBVIRT_0_5_1
LIBVIRT_0_6_0
LIBVIRT_0_6_1
LIBVIRT_0_6_2
LIBVIRT_0_6_3
LIBVIRT_0_6_4
LIBVIRT_0_6_5
LIBVIR_0_0_1
LIBVIR_0_0_2
LIVIRT_0_2_3
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.1.0
v0.1.1
v0.1.10
v0.1.11
v0.1.3
v0.1.4
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.10.0
v0.10.0-rc0
v0.10.0-rc1
v0.10.0-rc2
v0.10.1
v0.10.2
v0.10.2-rc1
v0.10.2-rc2
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.1
v0.4.2
v0.4.4
v0.4.6
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.9.0
v0.9.1
v0.9.10
v0.9.10-rc1
v0.9.10-rc2
v0.9.11
v0.9.11-rc1
v0.9.11-rc2
v0.9.12
v0.9.12-rc1
v0.9.12-rc2
v0.9.13
v0.9.13-rc1
v0.9.13-rc2
v0.9.2
v0.9.3
v0.9.3-rc1
v0.9.3-rc2
v0.9.4
v0.9.4-rc1
v0.9.4-rc2
v0.9.5
v0.9.5-rc1
v0.9.5-rc2
v0.9.5-rc3
v0.9.6
v0.9.7
v0.9.7-rc1
v0.9.8
v0.9.8-rc1
v0.9.8-rc2
v0.9.9
v0.9.9-rc1
v0.9.9-rc2
v1.*
v1.0.0
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3
v1.0.1
v1.0.1-rc1
v1.0.1-rc2
v1.0.2
v1.0.2-rc1
v1.0.2-rc2
v1.0.3
v1.0.3-rc1
v1.0.3-rc2
v1.0.4
v1.0.4-rc1
v1.0.4-rc2
v1.0.5
v1.0.5-rc1
v1.0.6
v1.0.6-rc1
v1.0.6-rc2
v1.1.0
v1.1.0-rc1
v1.1.0-rc2
v1.1.1
v1.1.1-rc1
v1.1.1-rc2
v1.1.2
v1.1.2-rc1
v1.1.2-rc2
v1.1.3
v1.1.3-rc1
v1.1.3-rc2
v1.1.4
v1.1.4-rc1
v1.1.4-rc2
v1.2.0
v1.2.0-rc1
v1.2.0-rc2
v1.2.1
v1.2.1-rc1
v1.2.1-rc2
v1.2.10
v1.2.10-rc1
v1.2.10-rc2
v1.2.11
v1.2.11-rc1
v1.2.11-rc2
v1.2.12
v1.2.12-rc1
v1.2.12-rc2
v1.2.13
v1.2.13-rc1
v1.2.13-rc2
v1.2.14
v1.2.14-rc1
v1.2.14-rc2
v1.2.15
v1.2.15-rc1
v1.2.15-rc2
v1.2.16
v1.2.16-rc1
v1.2.16-rc2
v1.2.17
v1.2.17-rc1
v1.2.17-rc2
v1.2.18
v1.2.18-rc1
v1.2.18-rc2
v1.2.19
v1.2.19-rc1
v1.2.19-rc2
v1.2.2
v1.2.2-rc1
v1.2.2-rc2
v1.2.20
v1.2.20-rc1
v1.2.20-rc2
v1.2.21
v1.2.21-rc1
v1.2.21-rc2
v1.2.3
v1.2.3-rc1
v1.2.3-rc2
v1.2.4
v1.2.4-rc1
v1.2.4-rc2
v1.2.5
v1.2.5-rc1
v1.2.5-rc2
v1.2.6
v1.2.6-rc1
v1.2.6-rc2
v1.2.7
v1.2.7-rc1
v1.2.7-rc2
v1.2.8
v1.2.8-rc1
v1.2.8-rc2
v1.2.9
v1.2.9-rc1
v1.2.9-rc2
v1.3.0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.3.1-rc1
v1.3.1-rc2
v1.3.2
v1.3.2-rc1
v1.3.2-rc2
v1.3.3
v1.3.3-rc1
v1.3.3-rc2
v1.3.4
v1.3.4-rc1
v1.3.4-rc2
v1.3.5
v1.3.5-rc1
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.1.0
v2.1.0-rc1
v2.2.0
v2.2.0-rc1
v2.2.0-rc2
v2.3.0
v2.3.0-rc1
v2.3.0-rc2
v2.4.0
v2.4.0-rc1
v2.4.0-rc2
v2.5.0
v2.5.0-rc1
v2.5.0-rc2
v3.*
v3.0.0
v3.0.0-rc1
v3.0.0-rc2
v3.1.0
v3.1.0-rc1
v3.1.0-rc2
v3.10.0
v3.10.0-rc1
v3.10.0-rc2
v3.2.0
v3.2.0-rc1
v3.2.0-rc2
v3.3.0
v3.3.0-rc1
v3.3.0-rc2
v3.4.0
v3.4.0-rc1
v3.4.0-rc2
v3.5.0
v3.5.0-rc1
v3.5.0-rc2
v3.6.0
v3.6.0-rc1
v3.6.0-rc2
v3.7.0
v3.7.0-rc1
v3.7.0-rc2
v3.8.0
v3.8.0-rc1
v3.9.0
v3.9.0-rc1
v3.9.0-rc2
v4.*
v4.0.0
v4.0.0-rc1
v4.0.0-rc2
v4.1.0
v4.1.0-rc1
v4.1.0-rc2
v4.10.0
v4.10.0-rc1
v4.10.0-rc2
v4.2.0
v4.2.0-rc1
v4.2.0-rc2
v4.3.0
v4.3.0-rc1
v4.3.0-rc2
v4.4.0
v4.4.0-rc1
v4.4.0-rc2
v4.5.0
v4.5.0-rc1
v4.5.0-rc2
v4.6.0
v4.6.0-rc1
v4.6.0-rc2
v4.7.0
v4.7.0-rc1
v4.7.0-rc2
v4.8.0
v4.8.0-rc1
v4.8.0-rc2
v4.9.0
v4.9.0-rc1
v5.*
v5.0.0
v5.0.0-rc1
v5.0.0-rc2
v5.1.0
v5.1.0-rc1
v5.1.0-rc2
v5.10.0
v5.10.0-rc1
v5.10.0-rc2
v5.2.0
v5.2.0-rc1
v5.2.0-rc2
v5.3.0
v5.3.0-rc1
v5.3.0-rc2
v5.4.0
v5.4.0-rc1
v5.4.0-rc2
v5.5.0
v5.5.0-rc1
v5.5.0-rc2
v5.6.0
v5.6.0-rc1
v5.6.0-rc2
v5.7.0
v5.7.0-rc1
v5.7.0-rc2
v5.8.0
v5.8.0-rc1
v5.8.0-rc2
v5.9.0
v5.9.0-rc1
v6.*
v6.0.0-rc1
v6.0.0-rc2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-20485.json"

Git / gitlab.com/libvirt/libvirt

Affected ranges

Type
GIT
Repo
https://gitlab.com/libvirt/libvirt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
10ff7997c510171ab231d7c4a484abc1fecf3e78
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.0.0"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*"
}

Affected versions

Other
CVE-2008-5086
CVE-2010-2238
CVE-2010-2242
CVE-2011-1146
CVE-2011-1486
CVE-2011-2178
CVE-2012-3411
CVE-2012-3445
CVE-2012-4423
CVE-2013-0170
CVE-2013-1962
CVE-2013-2218
CVE-2013-2230
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4291
CVE-2013-4292
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400-1
CVE-2013-4400-2
CVE-2013-4400-3
CVE-2013-4401
CVE-2013-5651
CVE-2013-6436
CVE-2013-6456
CVE-2013-6457
CVE-2013-6458-1
CVE-2013-6458-2
CVE-2013-6458-3
CVE-2013-6458-4
CVE-2013-7336
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447-1
CVE-2014-1447-2
CVE-2014-3633
CVE-2014-3657
CVE-2014-7823
CVE-2014-8131
CVE-2014-8131-1
CVE-2014-8131-2
CVE-2014-8135
CVE-2014-8136
CVE-2015-0236
CVE-2015-0236-1
CVE-2015-0236-2
CVE-2015-5247-1
CVE-2015-5247-2
CVE-2015-5247-3
CVE-2015-5313
CVE-2016-5008
CVE-2017-1000256
CVE-2017-2635
CVE-2018-1064
CVE-2018-5748
CVE-2018-6764
CVE-2019-10132
CVE-2019-10161
CVE-2019-10166
CVE-2019-10167
CVE-2019-10168
CVE-2019-3886
LIBVIRT_0_0_3
LIBVIRT_0_0_4
LIBVIRT_0_0_5
LIBVIRT_0_1_0
LIBVIRT_0_1_1
LIBVIRT_0_1_10
LIBVIRT_0_1_11
LIBVIRT_0_1_3
LIBVIRT_0_1_4
LIBVIRT_0_1_6
LIBVIRT_0_1_7
LIBVIRT_0_1_8
LIBVIRT_0_1_9
LIBVIRT_0_2_0
LIBVIRT_0_2_1
LIBVIRT_0_2_2
LIBVIRT_0_3_0
LIBVIRT_0_3_1
LIBVIRT_0_3_2
LIBVIRT_0_3_3
LIBVIRT_0_4_1
LIBVIRT_0_4_2
LIBVIRT_0_4_4
LIBVIRT_0_4_6
LIBVIRT_0_5_0
LIBVIRT_0_5_1
LIBVIRT_0_6_0
LIBVIRT_0_6_1
LIBVIRT_0_6_2
LIBVIRT_0_6_3
LIBVIRT_0_6_4
LIBVIRT_0_6_5
LIBVIR_0_0_1
LIBVIR_0_0_2
LIVIRT_0_2_3
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.1.0
v0.1.1
v0.1.10
v0.1.11
v0.1.3
v0.1.4
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.10.0
v0.10.0-rc0
v0.10.0-rc1
v0.10.0-rc2
v0.10.1
v0.10.2
v0.10.2-rc1
v0.10.2-rc2
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.1
v0.4.2
v0.4.4
v0.4.6
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.9.0
v0.9.1
v0.9.10
v0.9.10-rc1
v0.9.10-rc2
v0.9.11
v0.9.11-rc1
v0.9.11-rc2
v0.9.12
v0.9.12-rc1
v0.9.12-rc2
v0.9.13
v0.9.13-rc1
v0.9.13-rc2
v0.9.2
v0.9.3
v0.9.3-rc1
v0.9.3-rc2
v0.9.4
v0.9.4-rc1
v0.9.4-rc2
v0.9.5
v0.9.5-rc1
v0.9.5-rc2
v0.9.5-rc3
v0.9.6
v0.9.7
v0.9.7-rc1
v0.9.8
v0.9.8-rc1
v0.9.8-rc2
v0.9.9
v0.9.9-rc1
v0.9.9-rc2
v1.*
v1.0.0
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3
v1.0.1
v1.0.1-rc1
v1.0.1-rc2
v1.0.2
v1.0.2-rc1
v1.0.2-rc2
v1.0.3
v1.0.3-rc1
v1.0.3-rc2
v1.0.4
v1.0.4-rc1
v1.0.4-rc2
v1.0.5
v1.0.5-rc1
v1.0.6
v1.0.6-rc1
v1.0.6-rc2
v1.1.0
v1.1.0-rc1
v1.1.0-rc2
v1.1.1
v1.1.1-rc1
v1.1.1-rc2
v1.1.2
v1.1.2-rc1
v1.1.2-rc2
v1.1.3
v1.1.3-rc1
v1.1.3-rc2
v1.1.4
v1.1.4-rc1
v1.1.4-rc2
v1.2.0
v1.2.0-rc1
v1.2.0-rc2
v1.2.1
v1.2.1-rc1
v1.2.1-rc2
v1.2.10
v1.2.10-rc1
v1.2.10-rc2
v1.2.11
v1.2.11-rc1
v1.2.11-rc2
v1.2.12
v1.2.12-rc1
v1.2.12-rc2
v1.2.13
v1.2.13-rc1
v1.2.13-rc2
v1.2.14
v1.2.14-rc1
v1.2.14-rc2
v1.2.15
v1.2.15-rc1
v1.2.15-rc2
v1.2.16
v1.2.16-rc1
v1.2.16-rc2
v1.2.17
v1.2.17-rc1
v1.2.17-rc2
v1.2.18
v1.2.18-rc1
v1.2.18-rc2
v1.2.19
v1.2.19-rc1
v1.2.19-rc2
v1.2.2
v1.2.2-rc1
v1.2.2-rc2
v1.2.20
v1.2.20-rc1
v1.2.20-rc2
v1.2.21
v1.2.21-rc1
v1.2.21-rc2
v1.2.3
v1.2.3-rc1
v1.2.3-rc2
v1.2.4
v1.2.4-rc1
v1.2.4-rc2
v1.2.5
v1.2.5-rc1
v1.2.5-rc2
v1.2.6
v1.2.6-rc1
v1.2.6-rc2
v1.2.7
v1.2.7-rc1
v1.2.7-rc2
v1.2.8
v1.2.8-rc1
v1.2.8-rc2
v1.2.9
v1.2.9-rc1
v1.2.9-rc2
v1.3.0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.3.1-rc1
v1.3.1-rc2
v1.3.2
v1.3.2-rc1
v1.3.2-rc2
v1.3.3
v1.3.3-rc1
v1.3.3-rc2
v1.3.4
v1.3.4-rc1
v1.3.4-rc2
v1.3.5
v1.3.5-rc1
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.1.0
v2.1.0-rc1
v2.2.0
v2.2.0-rc1
v2.2.0-rc2
v2.3.0
v2.3.0-rc1
v2.3.0-rc2
v2.4.0
v2.4.0-rc1
v2.4.0-rc2
v2.5.0
v2.5.0-rc1
v2.5.0-rc2
v3.*
v3.0.0
v3.0.0-rc1
v3.0.0-rc2
v3.1.0
v3.1.0-rc1
v3.1.0-rc2
v3.10.0
v3.10.0-rc1
v3.10.0-rc2
v3.2.0
v3.2.0-rc1
v3.2.0-rc2
v3.3.0
v3.3.0-rc1
v3.3.0-rc2
v3.4.0
v3.4.0-rc1
v3.4.0-rc2
v3.5.0
v3.5.0-rc1
v3.5.0-rc2
v3.6.0
v3.6.0-rc1
v3.6.0-rc2
v3.7.0
v3.7.0-rc1
v3.7.0-rc2
v3.8.0
v3.8.0-rc1
v3.9.0
v3.9.0-rc1
v3.9.0-rc2
v4.*
v4.0.0
v4.0.0-rc1
v4.0.0-rc2
v4.1.0
v4.1.0-rc1
v4.1.0-rc2
v4.10.0
v4.10.0-rc1
v4.10.0-rc2
v4.2.0
v4.2.0-rc1
v4.2.0-rc2
v4.3.0
v4.3.0-rc1
v4.3.0-rc2
v4.4.0
v4.4.0-rc1
v4.4.0-rc2
v4.5.0
v4.5.0-rc1
v4.5.0-rc2
v4.6.0
v4.6.0-rc1
v4.6.0-rc2
v4.7.0
v4.7.0-rc1
v4.7.0-rc2
v4.8.0
v4.8.0-rc1
v4.8.0-rc2
v4.9.0
v4.9.0-rc1
v5.*
v5.0.0
v5.0.0-rc1
v5.0.0-rc2
v5.1.0
v5.1.0-rc1
v5.1.0-rc2
v5.10.0
v5.10.0-rc1
v5.10.0-rc2
v5.2.0
v5.2.0-rc1
v5.2.0-rc2
v5.3.0
v5.3.0-rc1
v5.3.0-rc2
v5.4.0
v5.4.0-rc1
v5.4.0-rc2
v5.5.0
v5.5.0-rc1
v5.5.0-rc2
v5.6.0
v5.6.0-rc1
v5.6.0-rc2
v5.7.0
v5.7.0-rc1
v5.7.0-rc2
v5.8.0
v5.8.0-rc1
v5.8.0-rc2
v5.9.0
v5.9.0-rc1
v6.*
v6.0.0-rc1
v6.0.0-rc2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-20485.json"