← voltar
CVE-2021-3975

CVE-2021-3975

EPSS 1.2%CWE-416
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
23 ago 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
Produtos afetados
n/a · libvirt

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →