CVE-2021-3975
published 2022-08-23CVE-2021-3975: A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libvirt | < libvirt 7.6.0-1 (bookworm) | libvirt 7.6.0-1 (bookworm) |
| fedoraproject | fedora | — | — |
| msrc | cm1_libvirt_6.1.0-6_on_cbl_mariner_1.0 | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_for_ibm_z_systems | — | — |
| redhat | enterprise_linux_for_ibm_z_systems_eus | — | — |
| redhat | enterprise_linux_for_power_little_endian | — | — |
| redhat | enterprise_linux_for_power_little_endian_eus | — | — |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solution | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | libvirt | < 7.1.0 | 7.1.0 |
| redhat | libvirt | — | — |
| redhat | libvirt | >= 0 < 7.0.0-3+deb11u3 | 7.0.0-3+deb11u3 |
| redhat | libvirt | >= 0 < 7.6.0-1 | 7.6.0-1 |
| redhat | libvirt | >= 0 < 7.6.0-1 | 7.6.0-1 |
| redhat | libvirt | >= 0 < 7.6.0-1 | 7.6.0-1 |
| redhat | libvirt | >= 0 < 4.0.0-1ubuntu8.21 | 4.0.0-1ubuntu8.21 |
| redhat | libvirt | >= 0 < 6.0.0-0ubuntu8.16 | 6.0.0-0ubuntu8.16 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.7MEDIUM