CVE-2021-3975
MEDIUMlibvirt < 7.1.0 - Use-After-Free in qemuMonitorUnregister
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-3975. PoCs published by yan5ui.
AI-analyzed exploit summary This repository contains source code and scripts related to CVE-2021-3975, focusing on ACL (Access Control List) checks and validation in libvirt. The provided scripts and code snippets are part of the libvirt project and are used for validating ACL implementations and ensuring proper security checks are in place.
Description
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
Exploits (1)
This repository contains source code and scripts related to CVE-2021-3975, focusing on ACL (Access Control List) checks and validation in libvirt. The provided scripts and code snippets are part of the libvirt project and are used for validating ACL implementations and ensuring proper security checks are in place.
References (6)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H