A use-after-free flaw was found in qemuProcessHandleMonitorEOF() within src/qemu/qemu_process.c, here qemuMonitorUnregister() is called using multiple threads without being adequately protected by a monitor lock. This issue could be used by a unprivileged user to perform a denial of service attack by causing segmentation fault on libvirt Fixed upstream in libvirt: https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7
Created libvirt tracking bugs for this issue: Affects: fedora-all [bug 2024334]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1759 https://access.redhat.com/errata/RHSA-2022:1759
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3975