CVE-2021-3975 — MEDIUM (6.5)

Q: How severe is CVE-2021-3975?

CVE-2021-3975 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-3975?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Libvirt, Canonical Ubuntu Linux, Fedoraproject Fedora, Redhat Enterprise Linux, Redhat Enterprise Linux Eus.

Vulnerability Description

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Redhat	Libvirt	< 7.1.0
Canonical	Ubuntu Linux	21.10
Fedoraproject	Fedora	35
Redhat	Enterprise Linux	8.0
Redhat	Enterprise Linux Eus	8.6
Redhat	Enterprise Linux For Ibm Z Systems	8.0
Redhat	Enterprise Linux For Ibm Z Systems Eus	8.6
Redhat	Enterprise Linux For Power Little Endian	8.0
Redhat	Enterprise Linux For Power Little Endian Eus	8.6
Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.6
Redhat	Enterprise Linux Server Tus	8.6
Redhat	Codeready Linux Builder	-
Debian	Debian Linux	10.0
Netapp	Ontap Select Deploy Administration Utility	-

Related Weaknesses (CWE)

CWE-416

References

https://access.redhat.com/security/cve/CVE-2021-3975Issue TrackingThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2024326Issue TrackingPatchThird Party Advisory
https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ePatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
https://security.netapp.com/advisory/ntap-20221201-0002/Third Party Advisory
https://ubuntu.com/security/CVE-2021-3975PatchThird Party Advisory
https://access.redhat.com/security/cve/CVE-2021-3975Issue TrackingThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2024326Issue TrackingPatchThird Party Advisory
https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ePatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
https://security.netapp.com/advisory/ntap-20221201-0002/Third Party Advisory
https://ubuntu.com/security/CVE-2021-3975PatchThird Party Advisory

FAQ

What is CVE-2021-3975?

CVE-2021-3975 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. T...

How severe is CVE-2021-3975?

CVE-2021-3975 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-3975?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Libvirt, Canonical Ubuntu Linux, Fedoraproject Fedora, Redhat Enterprise Linux, Redhat Enterprise Linux Eus.