Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

CVE-2021-3975

Published: 24 November 2021

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.

Priority

Low

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian
jammy
Released (7.6.0-0ubuntu3)
kinetic
Released (7.6.0-0ubuntu3)
lunar
Released (7.6.0-0ubuntu3)
bionic
Released (4.0.0-1ubuntu8.21)
focal
Released (6.0.0-0ubuntu8.16)
hirsute Ignored
(end of life)
impish Not vulnerable
(7.6.0-0ubuntu1)
trusty Needs triage

upstream
Released (7.6.0-1)
xenial Needs triage

mantic
Released (7.6.0-0ubuntu3)
Patches:
upstream: https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7

Severity score breakdown

Parameter Value
Base score 6.5
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H