Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-0897

Опубликовано: 25 мар. 2022
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4
CVSS3: 4.3

Описание

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).

РелизСтатусПримечание
bionic

released

4.0.0-1ubuntu8.21
devel

not-affected

9.0.0-2ubuntu1
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

not-affected

4.0.0-1ubuntu8.21
esm-infra/focal

not-affected

6.0.0-0ubuntu8.16
esm-infra/xenial

needs-triage

focal

released

6.0.0-0ubuntu8.16
impish

released

7.6.0-0ubuntu1.2
jammy

released

8.0.0-1ubuntu7.5
kinetic

not-affected

8.6.0-0ubuntu3.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 13%
0.00045
Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-0897

CVSS3: 5
redhat
больше 3 лет назад

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).

nvd логотип

CVE-2022-0897

CVSS3: 4.3
nvd
около 3 лет назад

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).

debian логотип

CVE-2022-0897

CVSS3: 4.3
debian
около 3 лет назад

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjLis ...

suse-cvrf логотип

SUSE-SU-2023:2754-1

suse-cvrf
почти 2 года назад

Security update for libvirt

suse-cvrf логотип

SUSE-SU-2022:1549-1

suse-cvrf
около 3 лет назад

Security update for libvirt

EPSS

Процентиль: 13%
0.00045
Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3