Red Hat libvirt 7.4.0 Release Candidate 2

CPE Details

Red Hat libvirt 7.4.0 Release Candidate 2
redhat
libvirt
7.4.0
2021-06-07
11h47 +00:00
2021-06-07
12h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:libvirt:7.4.0:rc2:*:*:*:*:*:*

Informations

Vendor

redhat

Product

libvirt

Version

7.4.0

Update

rc2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-3667 2022-03-02 00h00 +00:00 An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.
6.5
Medium
CVE-2021-3631 2022-03-01 23h00 +00:00 A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
6.3
Medium