Vulnerability CVE-2021-3667

Vulnerability Name:

CVE-2021-3667 (CCN-221071)

Assigned:

2021-07-21

Published:

2021-07-21

Updated:

2023-02-12

Summary:

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

6.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-667

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-3667

Source: CCN
Type: Red Hat Bugzilla Bug 1986094
(CVE-2021-3667) - CVE-2021-3667 libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API

Source: secalert@redhat.com
Type: Issue Tracking, Vendor Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
libvirt-cve20213667-dos(221071)

Source: CCN
Type: libvirt GitLab
storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath

Source: secalert@redhat.com
Type: Patch, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libvirt:libvirt:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8047	P	openldap2-devel-32bit-2.4.46-150200.14.11.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7999	P	crash-7.3.1-150500.3.4 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7692	P	libvirt-libs-9.0.0-150500.4.3 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:761	P	Security update for 389-ds (Moderate)	2022-09-16
oval:org.opensuse.security:def:6148	P	Security update for libcroco (Important)	2022-08-26
oval:org.opensuse.security:def:3662	P	Security update for ldb, samba (Important)	2022-08-03
oval:org.opensuse.security:def:95425	P	Security update for freerdp (Critical)	2022-07-11
oval:org.opensuse.security:def:3100	P	gvim-7.4.326-17.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3519	P	gv-3.7.4-1.36 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3504	P	gnome-settings-daemon-3.20.1-50.16.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94631	P	libcroco-0.6.13-150400.9.5 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94730	P	libvirt-libs-8.0.0-150400.5.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95134	P	libvirt-8.0.0-150400.5.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:99754	P	(Moderate)	2022-03-04
oval:org.opensuse.security:def:100065	P	(Moderate)	2022-01-20
oval:org.opensuse.security:def:112903	P	libvirt-7.7.0-2.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:99161	P	(Important)	2021-11-16
oval:org.opensuse.security:def:102138	P	Security update for samba (Important)	2021-11-15
oval:com.redhat.rhsa:def:20214191	P	RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate)	2021-11-09
oval:org.opensuse.security:def:111123	P	Security update for libvirt (Moderate)	2021-11-05
oval:org.opensuse.security:def:64608	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:42137	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:102770	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:5877	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:108010	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:69088	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:76034	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:108804	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:117524	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:101344	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:96080	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:66966	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:73730	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:109436	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:118532	P	Security update for libvirt (Moderate)	2021-10-29
oval:org.opensuse.security:def:106046	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:69945	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:9805	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:92406	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:8855	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:106245	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:70496	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:10356	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:99356	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:92605	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:105656	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:9050	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:106444	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:92016	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:99555	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:92804	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:105851	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:69746	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:9606	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:98966	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:106731	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:92211	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:26139	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:5875	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:34553	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:60376	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:5126	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:106362	P	libvirt-7.7.0-2.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:1624	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:64751	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:101492	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:69136	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:76305	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:102200	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:111684	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:67237	P	Security update for libvirt (Moderate)	2021-08-23
oval:org.opensuse.security:def:73873	P	Security update for libvirt (Moderate)	2021-08-23

BACK