rpm package
suse/libvirt&distro=SUSE Linux Enterprise Micro 5.0
pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.0
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3975 | — | < 6.0.0-13.24.1 | 6.0.0-13.24.1 | Aug 23, 2022 | A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the gues | ||
| CVE-2021-4147 | — | < 6.0.0-13.24.1 | 6.0.0-13.24.1 | Mar 25, 2022 | A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. | ||
| CVE-2021-3667 | — | < 6.0.0-13.21.1 | 6.0.0-13.21.1 | Mar 2, 2022 | An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write soc | ||
| CVE-2021-3631 | — | < 6.0.0-13.16.2 | 6.0.0-13.16.2 | Mar 2, 2022 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to |
- CVE-2021-3975Aug 23, 2022affected < 6.0.0-13.24.1fixed 6.0.0-13.24.1
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the gues
- CVE-2021-4147Mar 25, 2022affected < 6.0.0-13.24.1fixed 6.0.0-13.24.1
A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.
- CVE-2021-3667Mar 2, 2022affected < 6.0.0-13.21.1fixed 6.0.0-13.21.1
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write soc
- CVE-2021-3631Mar 2, 2022affected < 6.0.0-13.16.2fixed 6.0.0-13.16.2
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to