A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-03-25T00:00:00
Updated: 2024-08-02T23:47:42.099Z
Reserved: 2022-03-09T00:00:00
Link: CVE-2022-0897
Vulnrichment
Updated: 2024-08-02T23:47:42.099Z
NVD
Status : Modified
Published: 2022-03-25T19:15:10.340
Modified: 2024-11-21T06:39:37.387
Link: CVE-2022-0897
Redhat