Updated: 2024-11-30 04:18:00.411667
Description:
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 5.3 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | libvirt | 9.0.0 | 5.3 | MEDIUM | Released | CLSA-2025:1739822055 | 2025-02-18 06:35:38 | |
| CentOS 6 ELS | libvirt | 0.10.2 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:51 | ||
| CentOS 7 ELS | libvirt | 4.5.0 | 5.3 | MEDIUM | Ignored | 2024-06-25 11:20:16 | ||
| CentOS 8.4 ELS | libvirt | 6.0.0-35.1 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:52 | ||
| CentOS 8.5 ELS | libvirt | 6.0.0-37 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:51 | ||
| CloudLinux 6 ELS | libvirt | 0.10.2 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:51 | ||
| Oracle Linux 6 ELS | libvirt | 0.10.2 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:51 | ||
| Ubuntu 16.04 ELS | libvirt | 1.3.1-1 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:51 | ||
| Ubuntu 18.04 ELS | libvirt | 4.0.0-1 | 5.3 | MEDIUM | Ignored | 2023-12-01 03:18:51 |