CVE-2021-3667
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-3667
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3667.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-3667
- Downstream
- Related
- Published
- 2022-03-02T23:15:08Z
- Modified
- 2025-09-16T07:17:43.670264Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.
- References
-
- https://bugzilla.redhat.com/show_bug.cgi?id=1986094
- https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87
- https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
- https://security.gentoo.org/glsa/202210-06
- https://security.netapp.com/advisory/ntap-20220331-0005/
- https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87
Affected packages
Debian:11 / libvirt
Package
- Name
- libvirt
- Purl
- pkg:deb/debian/libvirt?arch=source
Debian:12 / libvirt
Package
- Name
- libvirt
- Purl
- pkg:deb/debian/libvirt?arch=source
Debian:13 / libvirt
Package
- Name
- libvirt
- Purl
- pkg:deb/debian/libvirt?arch=source
Debian:14 / libvirt
Package
- Name
- libvirt
- Purl
- pkg:deb/debian/libvirt?arch=source
Git / github.com/libvirt/libvirt
Affected ranges
- Type
- GIT
- Repo
- https://github.com/libvirt/libvirt
- Events
-
IntroducedLast affected
- Type
- GIT
- Repo
- https://gitlab.com/libvirt/libvirt
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
CVE-2011-1146
CVE-2011-1486
CVE-2011-2178
CVE-2012-3411
CVE-2012-3445
CVE-2012-4423
CVE-2013-0170
CVE-2013-1962
CVE-2013-2218
CVE-2013-2230
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4291
CVE-2013-4292
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400-1
CVE-2013-4400-2
CVE-2013-4400-3
CVE-2013-4401
CVE-2013-5651
CVE-2013-6436
CVE-2013-6457
CVE-2013-6458-1
CVE-2013-6458-2
CVE-2013-6458-3
CVE-2013-6458-4
CVE-2013-7336
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447-1
CVE-2014-1447-2
CVE-2014-3633
CVE-2014-3657
CVE-2014-7823
CVE-2014-8131-1
CVE-2014-8131-2
CVE-2014-8135
CVE-2014-8136
CVE-2015-0236-1
CVE-2015-0236-2
CVE-2015-5247-1
CVE-2015-5247-2
CVE-2015-5247-3
CVE-2015-5313
CVE-2016-5008
CVE-2017-1000256
CVE-2017-2635
LIBVIRT_0_0_3
LIBVIRT_0_0_4
LIBVIRT_0_0_5
LIBVIRT_0_1_0
LIBVIRT_0_1_1
LIBVIRT_0_1_10
LIBVIRT_0_1_11
LIBVIRT_0_1_3
LIBVIRT_0_1_4
LIBVIRT_0_1_6
LIBVIRT_0_1_7
LIBVIRT_0_1_8
LIBVIRT_0_1_9
LIBVIRT_0_2_0
LIBVIRT_0_2_1
LIBVIRT_0_2_2
LIBVIRT_0_3_0
LIBVIRT_0_3_1
LIBVIRT_0_3_2
LIBVIRT_0_3_3
LIBVIRT_0_4_1
LIBVIRT_0_4_2
LIBVIRT_0_4_4
LIBVIRT_0_4_6
LIBVIRT_0_5_0
LIBVIRT_0_5_1
LIBVIRT_0_6_0
LIBVIRT_0_6_1
LIBVIRT_0_6_2
LIBVIRT_0_6_3
LIBVIRT_0_6_4
LIBVIRT_0_6_5
LIBVIR_0_0_1
LIBVIR_0_0_2
LIVIRT_0_2_3
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.1.0
v0.1.1
v0.1.10
v0.1.11
v0.1.3
v0.1.4
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.10.0
v0.10.0-rc0
v0.10.0-rc1
v0.10.0-rc2
v0.10.1
v0.10.2
v0.10.2-rc1
v0.10.2-rc2
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.1
v0.4.2
v0.4.4
v0.4.6
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.9.0
v0.9.1
v0.9.10
v0.9.10-rc1
v0.9.10-rc2
v0.9.11
v0.9.11-rc1
v0.9.11-rc2
v0.9.12
v0.9.12-rc1
v0.9.12-rc2
v0.9.13
v0.9.13-rc1
v0.9.13-rc2
v0.9.2
v0.9.3
v0.9.3-rc1
v0.9.3-rc2
v0.9.4
v0.9.4-rc1
v0.9.4-rc2
v0.9.5
v0.9.5-rc1
v0.9.5-rc2
v0.9.5-rc3
v0.9.6
v0.9.7
v0.9.7-rc1
v0.9.8
v0.9.8-rc1
v0.9.8-rc2
v0.9.9
v0.9.9-rc1
v0.9.9-rc2
v1.*
v1.0.0
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3
v1.0.1
v1.0.1-rc1
v1.0.1-rc2
v1.0.2
v1.0.2-rc1
v1.0.2-rc2
v1.0.3
v1.0.3-rc1
v1.0.3-rc2
v1.0.4
v1.0.4-rc1
v1.0.4-rc2
v1.0.5
v1.0.5-rc1
v1.0.6
v1.0.6-rc1
v1.0.6-rc2
v1.1.0
v1.1.0-rc1
v1.1.0-rc2
v1.1.1
v1.1.1-rc1
v1.1.1-rc2
v1.1.2
v1.1.2-rc1
v1.1.2-rc2
v1.1.3
v1.1.3-rc1
v1.1.3-rc2
v1.1.4
v1.1.4-rc1
v1.1.4-rc2
v1.2.0
v1.2.0-rc1
v1.2.0-rc2
v1.2.1
v1.2.1-rc1
v1.2.1-rc2
v1.2.10
v1.2.10-rc1
v1.2.10-rc2
v1.2.11
v1.2.11-rc1
v1.2.11-rc2
v1.2.12
v1.2.12-rc1
v1.2.12-rc2
v1.2.13
v1.2.13-rc1
v1.2.13-rc2
v1.2.14
v1.2.14-rc1
v1.2.14-rc2
v1.2.15
v1.2.15-rc1
v1.2.15-rc2
v1.2.16
v1.2.16-rc1
v1.2.16-rc2
v1.2.17
v1.2.17-rc1
v1.2.17-rc2
v1.2.18
v1.2.18-rc1
v1.2.18-rc2
v1.2.19
v1.2.19-rc1
v1.2.19-rc2
v1.2.2
v1.2.2-rc1
v1.2.2-rc2
v1.2.20
v1.2.20-rc1
v1.2.20-rc2
v1.2.21
v1.2.21-rc1
v1.2.21-rc2
v1.2.3
v1.2.3-rc1
v1.2.3-rc2
v1.2.4
v1.2.4-rc1
v1.2.4-rc2
v1.2.5
v1.2.5-rc1
v1.2.5-rc2
v1.2.6
v1.2.6-rc1
v1.2.6-rc2
v1.2.7
v1.2.7-rc1
v1.2.7-rc2
v1.2.8
v1.2.8-rc1
v1.2.8-rc2
v1.2.9
v1.2.9-rc1
v1.2.9-rc2
v1.3.0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.3.1-rc1
v1.3.1-rc2
v1.3.2
v1.3.2-rc1
v1.3.2-rc2
v1.3.3
v1.3.3-rc1
v1.3.3-rc2
v1.3.4
v1.3.4-rc1
v1.3.4-rc2
v1.3.5
v1.3.5-rc1
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.1.0
v2.1.0-rc1
v2.2.0
v2.2.0-rc1
v2.2.0-rc2
v2.3.0
v2.3.0-rc1
v2.3.0-rc2
v2.4.0
v2.4.0-rc1
v2.4.0-rc2
v2.5.0
v2.5.0-rc1
v2.5.0-rc2
v3.*
v3.0.0
v3.0.0-rc1
v3.0.0-rc2
v3.1.0
v3.1.0-rc1
v3.1.0-rc2
v3.10.0
v3.10.0-rc1
v3.10.0-rc2
v3.2.0
v3.2.0-rc1
v3.2.0-rc2
v3.3.0
v3.3.0-rc1
v3.3.0-rc2
v3.4.0
v3.4.0-rc1
v3.4.0-rc2
v3.5.0
v3.5.0-rc1
v3.5.0-rc2
v3.6.0
v3.6.0-rc1
v3.6.0-rc2
v3.7.0
v3.7.0-rc1
v3.7.0-rc2
v3.8.0
v3.8.0-rc1
v3.9.0
v3.9.0-rc1
v3.9.0-rc2
v4.*
v4.0.0
v4.0.0-rc1
v4.0.0-rc2
v4.1.0
v4.1.0-rc1
v4.1.0-rc2
v4.10.0
v4.10.0-rc1
v4.10.0-rc2
v4.2.0
v4.2.0-rc1
v4.2.0-rc2
v4.3.0
v4.3.0-rc1
v4.3.0-rc2
v4.4.0
v4.4.0-rc1
v4.4.0-rc2
v4.5.0
v4.5.0-rc1
v4.5.0-rc2
v4.6.0
v4.6.0-rc1
v4.6.0-rc2
v4.7.0
v4.7.0-rc1
v4.7.0-rc2
v4.8.0
v4.8.0-rc1
v4.8.0-rc2
v4.9.0
v4.9.0-rc1
v5.*
v5.0.0
v5.0.0-rc1
v5.0.0-rc2
v5.1.0
v5.1.0-rc1
v5.1.0-rc2
v5.10.0
v5.10.0-rc1
v5.10.0-rc2
v5.2.0
v5.2.0-rc1
v5.2.0-rc2
v5.3.0
v5.3.0-rc1
v5.3.0-rc2
v5.4.0
v5.4.0-rc1
v5.4.0-rc2
v5.5.0
v5.5.0-rc1
v5.5.0-rc2
v5.6.0
v5.6.0-rc1
v5.6.0-rc2
v5.7.0
v5.7.0-rc1
v5.7.0-rc2
v5.8.0
v5.8.0-rc1
v5.8.0-rc2
v5.9.0
v5.9.0-rc1
v6.*
v6.0.0
v6.0.0-rc1
v6.0.0-rc2
v6.1.0
v6.1.0-rc1
v6.1.0-rc2
v6.10.0
v6.10.0-rc1
v6.10.0-rc2
v6.2.0
v6.2.0-rc1
v6.3.0
v6.3.0-rc1
v6.4.0
v6.4.0-rc1
v6.5.0
v6.5.0-rc1
v6.5.0-rc2
v6.6.0
v6.6.0-rc1
v6.7.0
v6.7.0-rc1
v6.7.0-rc2
v6.8.0
v6.8.0-rc1
v6.8.0-rc2
v6.9.0
v6.9.0-rc1
v6.9.0-rc2
v7.*
v7.0.0
v7.0.0-rc1
v7.0.0-rc2
v7.1.0
v7.1.0-rc1
v7.1.0-rc2
v7.2.0
v7.2.0-rc1
v7.2.0-rc2
v7.3.0
v7.3.0-rc1
v7.3.0-rc2
v7.4.0
v7.4.0-rc1
v7.4.0-rc2
v7.5.0
v7.5.0-rc1
v7.5.0-rc2
Database specific
{
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"source": "https://gitlab.com/libvirt/libvirt@447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87",
"signature_version": "v1",
"target": {
"function": "storagePoolLookupByTargetPath",
"file": "src/storage/storage_driver.c"
},
"digest": {
"function_hash": "63369119804262480602584117246342452608",
"length": 747.0
},
"id": "CVE-2021-3667-57b6bb4d"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://gitlab.com/libvirt/libvirt@447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87",
"signature_version": "v1",
"target": {
"file": "src/storage/storage_driver.c"
},
"digest": {
"line_hashes": [
"195877491387619479579158237720163764491",
"90682379184772759765846818989144802475",
"317837978998188109099395814412819850670",
"336804048009231029245701955274722411095",
"94913288173034920064177808702328388873"
],
"threshold": 0.9
},
"id": "CVE-2021-3667-cd1a45ce"
}
]
}