libvirt: potential DoS by holding a monitor job while querying QEMU guest-agent (CVE-2019-20485)
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-20485
Patch:
https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=a663a860819287e041c3de672aad1d8543098ecc