First published: Wed Nov 17 2021(Updated: )
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Libvirt | <7.1.0 | |
Canonical Ubuntu Linux | =21.10 | |
Fedoraproject Fedora | =35 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux For Ibm Z Systems | =8.0 | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =8.6 | |
Redhat Enterprise Linux For Power Little Endian | =8.0 | |
Redhat Enterprise Linux For Power Little Endian Eus | =8.6 | |
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | =8.6 | |
Redhat Enterprise Linux Server Tus | =8.6 | |
Redhat Codeready Linux Builder | ||
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux For Ibm Z Systems | =8.0 | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =8.6 | |
Redhat Enterprise Linux For Power Little Endian | =8.0 | |
Redhat Enterprise Linux For Power Little Endian Eus | =8.6 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
NetApp ONTAP Select Deploy administration utility | ||
redhat/libvirt | <7.1.0 | 7.1.0 |
All of | ||
Redhat Codeready Linux Builder | ||
Any of | ||
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux For Ibm Z Systems | =8.0 | |
Redhat Enterprise Linux For Ibm Z Systems Eus | =8.6 | |
Redhat Enterprise Linux For Power Little Endian | =8.0 | |
Redhat Enterprise Linux For Power Little Endian Eus | =8.6 | |
debian/libvirt | <=5.0.0-4+deb10u1<=7.0.0-3+deb11u2 | 5.0.0-4+deb10u2 9.0.0-4 10.0.0-2 10.2.0-1 |
ubuntu/libvirt | <4.0.0-1ubuntu8.21 | 4.0.0-1ubuntu8.21 |
ubuntu/libvirt | <6.0.0-0ubuntu8.16 | 6.0.0-0ubuntu8.16 |
ubuntu/libvirt | <7.6.0-0ubuntu3 | 7.6.0-0ubuntu3 |
ubuntu/libvirt | <7.6.0-0ubuntu3 | 7.6.0-0ubuntu3 |
ubuntu/libvirt | <7.6.0-0ubuntu3 | 7.6.0-0ubuntu3 |
ubuntu/libvirt | <7.6.0-0ubuntu3 | 7.6.0-0ubuntu3 |
ubuntu/libvirt | <7.6.0-0ubuntu3 | 7.6.0-0ubuntu3 |
ubuntu/libvirt | <7.6.0-1 | 7.6.0-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-3975 is a use-after-free vulnerability found in libvirt.
The severity of CVE-2021-3975 is medium with a CVSS score of 6.5.
CVE-2021-3975 affects libvirt by allowing an attacker to trigger a use-after-free flaw, potentially leading to arbitrary code execution or a denial of service.
To fix CVE-2021-3975, update libvirt to version 7.1.0 or later.
You can find more information about CVE-2021-3975 on the Red Hat Security Advisory and the GitHub commit linked in the references.