CVE-2023-3750: Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service
First published: Wed Jul 12 2023(Updated: )
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Libvirt | ||
| Redhat Enterprise Linux | =9.0 | |
| ubuntu/libvirt | <9.0.0-2ubuntu1.2 | 9.0.0-2ubuntu1.2 |
| debian/libvirt | <=9.0.0-4 | 5.0.0-4+deb10u1 7.0.0-3+deb11u2 9.7.0-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2023-3750
- https://bugzilla.redhat.com/show_bug.cgi?id=2222210
- https://launchpad.net/bugs/cve/CVE-2023-3750
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3750
- https://listman.redhat.com/archives/libvir-list/2023-July/240776.html
- https://ubuntu.com/security/notices/USN-6253-1
- https://nvd.nist.gov/vuln/detail/CVE-2023-3750
- https://security-tracker.debian.org/tracker/CVE-2023-3750
- https://gitlab.com/libvirt/libvirt/-/commit/9a47442366fcf8a7b6d7422016d7bbb6764a1098
- https://ubuntu.com/security/CVE-2023-3750
- https://gitlab.com/libvirt/libvirt/-/commit/0c4b391e2a90c3e0f8a8721cb539e03f14eb1d5e
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2221851
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2221851#c7
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2223718
- https://access.redhat.com/errata/RHSA-2023:6409
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/
Frequently Asked Questions
What is CVE-2023-3750?
CVE-2023-3750 is a vulnerability in the libvirt component that can lead to a denial of service (DoS) attack due to improper locking in the virStoragePoolObjListSearch function.
What is the severity of CVE-2023-3750?
The severity of CVE-2023-3750 is medium, with a severity value of 5.3.
Which software is affected by CVE-2023-3750?
Redhat Libvirt and Redhat Enterprise Linux versions 9.0 and Ubuntu libvirt version 9.0.0-2ubuntu1.2 are affected by CVE-2023-3750.
How can CVE-2023-3750 be exploited?
CVE-2023-3750 can be exploited when attempting to lock the same object from another thread, resulting in a race condition and denial of service.
Where can I find more information about CVE-2023-3750?
You can find more information about CVE-2023-3750 at the following references: [Red Hat Security Advisory](https://access.redhat.com/security/cve/CVE-2023-3750), [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=2222210), [Ubuntu Launchpad](https://launchpad.net/bugs/cve/CVE-2023-3750)
- collector/nvd-latest
- collector/launchpad-cve
- collector/usn-cve
- collector/security-tracker-debian
- collector/nvd-index
- collector/nvd-cve
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-3750
- agent/severity
- agent/author
- agent/weakness
- agent/remedy
- agent/title
- agent/description
- agent/event
- agent/references
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- package-manager/ubuntu
- package-manager/debian
- vendor/redhat
- canonical/redhat libvirt
- canonical/redhat enterprise linux
- version/redhat enterprise linux/9.0