Published: 25/03/2022 Updated: 01/04/2024

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

It exists that libvirt incorrectly handled the libxl driver. An attacker inside a guest could possibly use this issue to cause libvirtd to crash or stop responding, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2021-4147)

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat libvirt
fedoraproject fedora 35
netapp ontap select deploy administration utility -

Debian Bug report logs - #1002535 libvirt: CVE-2021-4147: deadlock and crash in libxl driver Package: src:libvirt; Maintainer for src:libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 23 Dec 2021 20:27:02 UTC Sever ...

Several security issues were fixed in libvirt ...

A flaw was found in the libvirt libxl driver A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition ...

CWE-667 https://bugzilla.redhat.com/show_bug.cgi?id=2034195 https://security.netapp.com/advisory/ntap-20220513-0004/https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002535 https://ubuntu.com/security/notices/USN-5399-1 https://nvd.nist.gov

CVE-2021-4147

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect