VDB
CVE-2021-3975
CVE-2021-3975
PUBLISHED
Es existiert eine Schwachstelle in libvirt. Durch ein fehlendes "Lock" kann in der "qemuMonitorUnregister()" Funktion in "qemuProcessHandleMonitorEOF" eine Use-After-Free Situation entstehen. Ein Angreifer aus einer virtuellen Maschine kann dies ausnutzen, um den libvirt Daemon zum Absturz zu bringen.
EPSS 0.60% · 69.7th percentile
Risk Scores
EPSS Score
0.60%
69.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source libvirt | |
| Debian | Debian Linux | |
| Ubuntu | Ubuntu Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Avaya | Avaya Aura Communication Manager | |
| Avaya | Avaya Aura Application Enablement Services | |
| Oracle | Oracle Linux | |
| SUSE | SUSE Linux |
Exploit Intelligence
- Aritifacts of docker env of CVE-2021-3975 (github-poc-repo)
- Aritifacts of docker env of CVE-2021-3975 (github-poc-repo)
- Aritifacts of docker env of CVE-2021-3975 (github-poc-repo)
- Aritifacts of docker env of CVE-2021-3975 (github-poc-repo)
- Aritifacts of docker env of CVE-2021-3975 (github-poc-repo)
- Aritifacts of docker env of CVE-2021-3975 (github-poc)
- Aritifacts of docker env of CVE-2021-3975 (github-poc)
- Aritifacts of docker env of CVE-2021-3975 (github-poc)
- Aritifacts of docker env of CVE-2021-3975 (github-poc)
- Aritifacts of docker env of CVE-2021-3975 (github-poc)
Timeline
- Nov 24, 2021 CVE Published
- Aug 24, 2022 EPSS Score
- Oct 9, 2022 EPSS Score
- Nov 23, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Feb 23, 2023 EPSS Score
- Apr 9, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 10, 2023 EPSS Score
- Aug 25, 2023 EPSS Score
- Oct 9, 2023 EPSS Score
- Nov 24, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0885.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0885 advisory
- http://bugzilla.redhat.com/show_bug.cgi?id=2024326 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/009969.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/009972.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/009982.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/009983.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/009990.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-January/010027.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010236.html advisory
- https://ubuntu.com/security/notices/USN-5399-1 advisory
- https://access.redhat.com/errata/RHSA-2022:1759 advisory
- https://downloads.avaya.com/css/P8/documents/101081791 advisory
- http://linux.oracle.com/errata/ELSA-2022-9668.html advisory
- https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html advisory