CVE-2021-4147

Published: 25 March 2022

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.

Priority

CVSS 3 base score: 6.5

Status

Package	Release	Status
libvirt Launchpad, Ubuntu, Debian	bionic	Released (4.0.0-1ubuntu8.21)
	focal	Released (6.0.0-0ubuntu8.16)
	hirsute	Ignored (reached end-of-life)
	impish	Released (7.6.0-0ubuntu1.2)
	jammy	Not vulnerable (8.0.0-1ubuntu7)
	kinetic	Not vulnerable (8.0.0-1ubuntu7)
	trusty	Needs triage
	upstream	Released (7.10.0-2)
	xenial	Needs triage
	Patches: upstream: https://gitlab.com/libvirt/libvirt/-/commit/23b51d7b8ec885e97a9277cf0a6c2833db4636e8 upstream: https://gitlab.com/libvirt/libvirt/-/commit/a4e6fba069c0809b8b5dde5e9db62d2efd91b4a0 upstream: https://gitlab.com/libvirt/libvirt/-/commit/e4f7589a3ec285489618ca04c8c0230cc31f3d99 upstream: https://gitlab.com/libvirt/libvirt/-/commit/b9a5faea49b7412e26d7389af4c32fc2b3ee80e5 upstream: https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d upstream: https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Security