Bug 2034195 (CVE-2021-4147) - CVE-2021-4147 libvirt: deadlock and crash in libxl driver
Summary: CVE-2021-4147 libvirt: deadlock and crash in libxl driver
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2021-4147
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2034252
Blocks: 2034186 2034658
TreeView+ depends on / blocked
 
Reported: 2021-12-20 11:37 UTC by Mauro Matteo Cascella
Modified: 2022-03-25 10:30 UTC (History)
15 users (show)

Fixed In Version: libvirt 2.33.0
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.
Clone Of:
Environment:
Last Closed: 2021-12-20 14:19:50 UTC
Embargoed:

Attachments (Terms of Use)

Description Mauro Matteo Cascella 2021-12-20 11:37:31 UTC 
A flaw was found in the libvirt libxl driver. A rouge guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. See https://listman.redhat.com/archives/libvir-list/2021-November/msg00908.html.
Comment 2 Mauro Matteo Cascella 2021-12-20 13:18:34 UTC 
Upstream commits:
https://gitlab.com/libvirt/libvirt/-/commit/23b51d7b8ec885e97a9277cf0a6c2833db4636e8
https://gitlab.com/libvirt/libvirt/-/commit/a4e6fba069c0809b8b5dde5e9db62d2efd91b4a0
https://gitlab.com/libvirt/libvirt/-/commit/e4f7589a3ec285489618ca04c8c0230cc31f3d99
https://gitlab.com/libvirt/libvirt/-/commit/b9a5faea49b7412e26d7389af4c32fc2b3ee80e5
https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d
https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340
Comment 3 Mauro Matteo Cascella 2021-12-20 13:48:21 UTC 
Created libvirt tracking bugs for this issue:

Affects: fedora-all [bug 2034252]
Note You need to log in before you can comment on or make changes to this bug.