CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2021-3975 – libvirt: segmentation fault during VM shutdown can lead to vdsm hang
https://notcve.org/view.php?id=CVE-2021-3975
03 May 2022 — A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. Se ha encontrado un fallo de uso de memoria previamente liberad... • https://access.redhat.com/security/cve/CVE-2021-3975 • CWE-416: Use After Free •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 1CVE-2021-3631 – libvirt: Insecure sVirt label generation
https://notcve.org/view.php?id=CVE-2021-3631
01 Oct 2021 — A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. Se ha encontrado un fallo en libvirt mientras genera pares de categorías MCS de SELinux para las etiquetas dinámicas de las máquinas virtuales. Este defecto permite que un huésped explotado acceda a ar... • https://access.redhat.com/errata/RHSA-2021:3631 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3667 – libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API
https://notcve.org/view.php?id=CVE-2021-3667
01 Oct 2021 — An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to s... • https://bugzilla.redhat.com/show_bug.cgi?id=1986094 • CWE-667: Improper Locking •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3559
https://notcve.org/view.php?id=CVE-2021-3559
24 May 2021 — A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. It only affects hosts with a PCI device and driver that supports mediated devices (e.g., GRID driver). This flaw could be used by an unprivileged client with a read-only connection to crash the libvirt daemon by executing the 'nodedev-list' virsh command. The highest threat from this vulnerability is to system availability. Se encontró un fallo en libvirt en la API virConnectListAllNodeDevices en versiones anterior... • https://bugzilla.redhat.com/show_bug.cgi?id=1962306 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •