Описание
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libvirt | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libvirt | Out of support scope | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/libvirt | Fix deferred | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:av/libvirt | Affected | ||
| Red Hat Enterprise Linux 9 | libvirt | Not affected | ||
| Advanced Virtualization for RHEL 8.5.0 | virt | Fixed | RHBA-2021:4684 | 16.11.2021 |
| Advanced Virtualization for RHEL 8.5.0 | virt-devel | Fixed | RHBA-2021:4684 | 16.11.2021 |
| Red Hat Enterprise Linux 8 | virt-devel | Fixed | RHSA-2022:1759 | 10.05.2022 |
| Red Hat Enterprise Linux 8 | virt | Fixed | RHSA-2022:1759 | 10.05.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister( ...
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
EPSS
5.3 Medium
CVSS3