Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2021-4147

Published: 25 March 2022

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian
bionic
Released (4.0.0-1ubuntu8.21)
focal
Released (6.0.0-0ubuntu8.16)
hirsute Ignored
(reached end-of-life)
impish
Released (7.6.0-0ubuntu1.2)
jammy Not vulnerable
(8.0.0-1ubuntu7)
kinetic Not vulnerable
(8.0.0-1ubuntu7)
trusty Needs triage

upstream
Released (7.10.0-2)
xenial Needs triage

Patches:
upstream: https://gitlab.com/libvirt/libvirt/-/commit/23b51d7b8ec885e97a9277cf0a6c2833db4636e8
upstream: https://gitlab.com/libvirt/libvirt/-/commit/a4e6fba069c0809b8b5dde5e9db62d2efd91b4a0
upstream: https://gitlab.com/libvirt/libvirt/-/commit/e4f7589a3ec285489618ca04c8c0230cc31f3d99
upstream: https://gitlab.com/libvirt/libvirt/-/commit/b9a5faea49b7412e26d7389af4c32fc2b3ee80e5
upstream: https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d
upstream: https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340