CVE-2021-3975 in libvirtinformación

Resumen

por MITRE • 2022-08-24

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservar

2021-11-18

Divulgación

2022-08-24

Moderación

aceptado

Artículo

VDB-207072

CPE

listo

EPSS

0.01217

KEV

no

Actividades

muy bajo

Fuentes

Might our Artificial Intelligence support you?

Check our Alexa App!