CVE-2021-4147 — Vulnetix

CVE-2021-4147 PUBLISHED CVSS 6.5 MEDIUM

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.

EPSS 0.08% · 23.3th percentile

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS Score

0.08%

23.3th percentile

Affected Products

Vendor	Product	Versions
redhat	libvirt	0
n/a	libvirt	*
fedoraproject	fedora	35
netapp	ontap_select_deploy_administration_utility

Exploit Intelligence

https://bugzilla.redhat.com/show_bug.cgi?id=2034195 (circl)
https://security.netapp.com/advisory/ntap-20220513-0004/ (circl)
[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update (circl)

Timeline

Jan 4, 2022 CVE Published
Mar 26, 2022 EPSS Score
May 16, 2022 EPSS Score
Jul 6, 2022 EPSS Score
Aug 27, 2022 EPSS Score
Oct 16, 2022 EPSS Score
Dec 6, 2022 EPSS Score
Jan 26, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 18, 2023 EPSS Score
May 8, 2023 EPSS Score
Jun 28, 2023 EPSS Score

References

https://bugzilla.redhat.com/show_bug.cgi?id=2034195 url
https://security.netapp.com/advisory/ntap-20220513-0004/ url
[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2021-4147 advisory
https://security.netapp.com/advisory/ntap-20220513-0004 url

Open in Interactive Console →