VDB
CVE-2021-3631
CVE-2021-3631
PUBLISHED
Es existiert eine Schwachstelle in libvirt, welche auftritt während von SELinux MCS-Kategorie-Paare zum Labeln von VMs erstellt werden. Unter bestimmten Umständen ist es einem Gast möglich, Daten eines anderen Gastes einzusehen, welche das gleiche Label wie der Angreifer haben. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
EPSS 0.07% · 20.9th percentile
Risk Scores
EPSS Score
0.07%
20.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE Linux | |
| Gentoo | Gentoo Linux | |
| Debian | Debian Linux | |
| Open Source | Open Source libvirt | |
| Ubuntu | Ubuntu Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat Virtualization | |
| Oracle | Oracle Linux |
Exploit Intelligence
Timeline
- Jun 30, 2021 CVE Published
- Mar 3, 2022 EPSS Score
- Apr 24, 2022 EPSS Score
- Jun 14, 2022 EPSS Score
- Aug 6, 2022 EPSS Score
- Sep 27, 2022 EPSS Score
- Nov 17, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 21, 2023 EPSS Score
- Jun 12, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1725.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1725 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1977726 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2021-bc6ad65da0 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-July/009217.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-August/009329.html advisory
- https://access.redhat.com/errata/RHSA-2021:4191 advisory
- https://ubuntu.com/security/notices/USN-5399-1 advisory
- https://security.gentoo.org/glsa/202210-06 advisory
- http://linux.oracle.com/errata/ELSA-2022-10062.html advisory
- https://linux.oracle.com/errata/ELSA-2022-10093.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12108.html advisory
- https://linux.oracle.com/errata/ELSA-2023-3822.html advisory
- https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1728.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1728 advisory
- https://access.redhat.com/errata/RHSA-2021:3703 advisory
- https://access.redhat.com/errata/RHSA-2021:3704 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-October/009530.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-October/009684.html advisory
…and 4 more