CVE-2021-3631
libvirt: Insecure sVirt label generation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
Se ha encontrado un fallo en libvirt mientras genera pares de categorías MCS de SELinux para las etiquetas dinámicas de las máquinas virtuales. Este defecto permite que un huésped explotado acceda a archivos etiquetados para otro huésped, resultando en una ruptura del confinamiento de sVirt. La mayor amenaza de esta vulnerabilidad es para la confidencialidad y la integridad
It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that libvirt incorrectly handled threads during shutdown. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2021-06-30 CVE Reserved
- 2021-10-01 CVE Published
- 2024-11-19 CVE Updated
- 2024-11-19 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20220331-0010 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libvirt/libvirt/-/issues/153 | 2024-11-19 |
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2 | 2024-04-01 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2021:3631 | 2024-04-01 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1977726 | 2021-11-09 | |
| https://security.gentoo.org/glsa/202210-06 | 2024-04-01 | |
| https://access.redhat.com/security/cve/CVE-2021-3631 | 2021-11-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | < 7.5.0 Search vendor "Redhat" for product "Libvirt" and version " < 7.5.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.8 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.8" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | advanced_virtualization |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Ontap Select Deploy Administration Utility Search vendor "Netapp" for product "Ontap Select Deploy Administration Utility" | - | - |
Affected
| ||||||