PublicDateAtUSN: 2022-03-25 19:15:00 UTC
Candidate: CVE-2021-4147
PublicDate: 2022-03-25 19:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4147
 https://listman.redhat.com/archives/libvir-list/2021-November/msg00908.html
 https://ubuntu.com/security/notices/USN-5399-1
Description:
 A flaw was found in the libvirt libxl driver. A malicious guest could
 continuously reboot itself and cause libvirtd on the host to deadlock or
 crash, resulting in a denial of service condition.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002535
 https://bugzilla.redhat.com/show_bug.cgi?id=2034195
Priority: low
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H [6.5 MEDIUM]


Patches_libvirt:
 upstream: https://gitlab.com/libvirt/libvirt/-/commit/23b51d7b8ec885e97a9277cf0a6c2833db4636e8
 upstream: https://gitlab.com/libvirt/libvirt/-/commit/a4e6fba069c0809b8b5dde5e9db62d2efd91b4a0
 upstream: https://gitlab.com/libvirt/libvirt/-/commit/e4f7589a3ec285489618ca04c8c0230cc31f3d99
 upstream: https://gitlab.com/libvirt/libvirt/-/commit/b9a5faea49b7412e26d7389af4c32fc2b3ee80e5
 upstream: https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d
 upstream: https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340
upstream_libvirt: released (7.10.0-2)
trusty/esm_libvirt: needs-triage
esm-infra/xenial_libvirt: needs-triage
trusty_libvirt: ignored (out of standard support)
xenial_libvirt: ignored (out of standard support)
bionic_libvirt: released (4.0.0-1ubuntu8.21)
focal_libvirt: released (6.0.0-0ubuntu8.16)
hirsute_libvirt: ignored (reached end-of-life)
impish_libvirt: released (7.6.0-0ubuntu1.2)
jammy_libvirt: not-affected (8.0.0-1ubuntu7)
devel_libvirt: not-affected (8.0.0-1ubuntu7)