CVE-2021-3667

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.

References

Affected packages

Debian:11 / libvirt

Package

Name: libvirt
Purl: pkg:deb/debian/libvirt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.0-3+deb11u3

Affected versions

7.*

7.0.0-3

7.0.0-3+deb11u1

7.0.0-3+deb11u2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libvirt

Package

Name: libvirt
Purl: pkg:deb/debian/libvirt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libvirt

Package

Name: libvirt
Purl: pkg:deb/debian/libvirt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/libvirt/libvirt

Affected ranges

Type: GIT
Repo: https://github.com/libvirt/libvirt
Events: Introduced

6b59754bfda9477586a75af0c0b9ce1036c414e8

Last affected

03eadc86fc5cdadbc4ab18123d820b6e4e321abd

Type: GIT
Repo: https://gitlab.com/libvirt/libvirt
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87

Affected versions

Other

CVE-2011-1146

CVE-2011-1486

CVE-2011-2178

CVE-2012-3411

CVE-2012-3445

CVE-2012-4423

CVE-2013-0170

CVE-2013-1962

CVE-2013-2218

CVE-2013-2230

CVE-2013-4153

CVE-2013-4154

CVE-2013-4239

CVE-2013-4291

CVE-2013-4292

CVE-2013-4296

CVE-2013-4297

CVE-2013-4311

CVE-2013-4399

CVE-2013-4400-1

CVE-2013-4400-2

CVE-2013-4400-3

CVE-2013-4401

CVE-2013-5651

CVE-2013-6436

CVE-2013-6457

CVE-2013-6458-1

CVE-2013-6458-2

CVE-2013-6458-3

CVE-2013-6458-4

CVE-2013-7336

CVE-2014-0028

CVE-2014-0179

CVE-2014-1447-1

CVE-2014-1447-2

CVE-2014-3633

CVE-2014-3657

CVE-2014-7823

CVE-2014-8131-1

CVE-2014-8131-2

CVE-2014-8135

CVE-2014-8136

CVE-2015-0236-1

CVE-2015-0236-2

CVE-2015-5247-1

CVE-2015-5247-2

CVE-2015-5247-3

CVE-2015-5313

CVE-2016-5008

CVE-2017-1000256

CVE-2017-2635

LIBVIRT_0_0_3

LIBVIRT_0_0_4

LIBVIRT_0_0_5

LIBVIRT_0_1_0

LIBVIRT_0_1_1

LIBVIRT_0_1_10

LIBVIRT_0_1_11

LIBVIRT_0_1_3

LIBVIRT_0_1_4

LIBVIRT_0_1_6

LIBVIRT_0_1_7

LIBVIRT_0_1_8

LIBVIRT_0_1_9

LIBVIRT_0_2_0

LIBVIRT_0_2_1

LIBVIRT_0_2_2

LIBVIRT_0_3_0

LIBVIRT_0_3_1

LIBVIRT_0_3_2

LIBVIRT_0_3_3

LIBVIRT_0_4_1

LIBVIRT_0_4_2

LIBVIRT_0_4_4

LIBVIRT_0_4_6

LIBVIRT_0_5_0

LIBVIRT_0_5_1

LIBVIRT_0_6_0

LIBVIRT_0_6_1

LIBVIRT_0_6_2

LIBVIRT_0_6_3

LIBVIRT_0_6_4

LIBVIRT_0_6_5

LIBVIR_0_0_1

LIBVIR_0_0_2

LIVIRT_0_2_3

v0.*

v0.0.1

v0.0.2

v0.0.3

v0.0.4

v0.0.5

v0.1.0

v0.1.1

v0.1.10

v0.1.11

v0.1.3

v0.1.4

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.10.0

v0.10.0-rc0

v0.10.0-rc1

v0.10.0-rc2

v0.10.1

v0.10.2

v0.10.2-rc1

v0.10.2-rc2

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.4.1

v0.4.2

v0.4.4

v0.4.6

v0.5.0

v0.5.1

v0.6.0

v0.6.1

v0.6.2

v0.6.3

v0.6.4

v0.6.5

v0.7.0

v0.7.1

v0.7.2

v0.7.3

v0.7.4

v0.7.5

v0.7.6

v0.7.7

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.8.4

v0.8.5

v0.8.6

v0.8.7

v0.8.8

v0.9.0

v0.9.1

v0.9.10

v0.9.10-rc1

v0.9.10-rc2

v0.9.11

v0.9.11-rc1

v0.9.11-rc2

v0.9.12

v0.9.12-rc1

v0.9.12-rc2

v0.9.13

v0.9.13-rc1

v0.9.13-rc2

v0.9.2

v0.9.3

v0.9.3-rc1

v0.9.3-rc2

v0.9.4

v0.9.4-rc1

v0.9.4-rc2

v0.9.5

v0.9.5-rc1

v0.9.5-rc2

v0.9.5-rc3

v0.9.6

v0.9.7

v0.9.7-rc1

v0.9.8

v0.9.8-rc1

v0.9.8-rc2

v0.9.9

v0.9.9-rc1

v0.9.9-rc2

v1.*

v1.0.0

v1.0.0-rc1

v1.0.0-rc2

v1.0.0-rc3

v1.0.1

v1.0.1-rc1

v1.0.1-rc2

v1.0.2

v1.0.2-rc1

v1.0.2-rc2

v1.0.3

v1.0.3-rc1

v1.0.3-rc2

v1.0.4

v1.0.4-rc1

v1.0.4-rc2

v1.0.5

v1.0.5-rc1

v1.0.6

v1.0.6-rc1

v1.0.6-rc2

v1.1.0

v1.1.0-rc1

v1.1.0-rc2

v1.1.1

v1.1.1-rc1

v1.1.1-rc2

v1.1.2

v1.1.2-rc1

v1.1.2-rc2

v1.1.3

v1.1.3-rc1

v1.1.3-rc2

v1.1.4

v1.1.4-rc1

v1.1.4-rc2

v1.2.0

v1.2.0-rc1

v1.2.0-rc2

v1.2.1

v1.2.1-rc1

v1.2.1-rc2

v1.2.10

v1.2.10-rc1

v1.2.10-rc2

v1.2.11

v1.2.11-rc1

v1.2.11-rc2

v1.2.12

v1.2.12-rc1

v1.2.12-rc2

v1.2.13

v1.2.13-rc1

v1.2.13-rc2

v1.2.14

v1.2.14-rc1

v1.2.14-rc2

v1.2.15

v1.2.15-rc1

v1.2.15-rc2

v1.2.16

v1.2.16-rc1

v1.2.16-rc2

v1.2.17

v1.2.17-rc1

v1.2.17-rc2

v1.2.18

v1.2.18-rc1

v1.2.18-rc2

v1.2.19

v1.2.19-rc1

v1.2.19-rc2

v1.2.2

v1.2.2-rc1

v1.2.2-rc2

v1.2.20

v1.2.20-rc1

v1.2.20-rc2

v1.2.21

v1.2.21-rc1

v1.2.21-rc2

v1.2.3

v1.2.3-rc1

v1.2.3-rc2

v1.2.4

v1.2.4-rc1

v1.2.4-rc2

v1.2.5

v1.2.5-rc1

v1.2.5-rc2

v1.2.6

v1.2.6-rc1

v1.2.6-rc2

v1.2.7

v1.2.7-rc1

v1.2.7-rc2

v1.2.8

v1.2.8-rc1

v1.2.8-rc2

v1.2.9

v1.2.9-rc1

v1.2.9-rc2

v1.3.0

v1.3.0-rc1

v1.3.0-rc2

v1.3.1

v1.3.1-rc1

v1.3.1-rc2

v1.3.2

v1.3.2-rc1

v1.3.2-rc2

v1.3.3

v1.3.3-rc1

v1.3.3-rc2

v1.3.4

v1.3.4-rc1

v1.3.4-rc2

v1.3.5

v1.3.5-rc1

v2.*

v2.0.0

v2.0.0-rc1

v2.0.0-rc2

v2.1.0

v2.1.0-rc1

v2.2.0

v2.2.0-rc1

v2.2.0-rc2

v2.3.0

v2.3.0-rc1

v2.3.0-rc2

v2.4.0

v2.4.0-rc1

v2.4.0-rc2

v2.5.0

v2.5.0-rc1

v2.5.0-rc2

v3.*

v3.0.0

v3.0.0-rc1

v3.0.0-rc2

v3.1.0

v3.1.0-rc1

v3.1.0-rc2

v3.10.0

v3.10.0-rc1

v3.10.0-rc2

v3.2.0

v3.2.0-rc1

v3.2.0-rc2

v3.3.0

v3.3.0-rc1

v3.3.0-rc2

v3.4.0

v3.4.0-rc1

v3.4.0-rc2

v3.5.0

v3.5.0-rc1

v3.5.0-rc2

v3.6.0

v3.6.0-rc1

v3.6.0-rc2

v3.7.0

v3.7.0-rc1

v3.7.0-rc2

v3.8.0

v3.8.0-rc1

v3.9.0

v3.9.0-rc1

v3.9.0-rc2

v4.*

v4.0.0

v4.0.0-rc1

v4.0.0-rc2

v4.1.0

v4.1.0-rc1

v4.1.0-rc2

v4.10.0

v4.10.0-rc1

v4.10.0-rc2

v4.2.0

v4.2.0-rc1

v4.2.0-rc2

v4.3.0

v4.3.0-rc1

v4.3.0-rc2

v4.4.0

v4.4.0-rc1

v4.4.0-rc2

v4.5.0

v4.5.0-rc1

v4.5.0-rc2

v4.6.0

v4.6.0-rc1

v4.6.0-rc2

v4.7.0

v4.7.0-rc1

v4.7.0-rc2

v4.8.0

v4.8.0-rc1

v4.8.0-rc2

v4.9.0

v4.9.0-rc1

v5.*

v5.0.0

v5.0.0-rc1

v5.0.0-rc2

v5.1.0

v5.1.0-rc1

v5.1.0-rc2

v5.10.0

v5.10.0-rc1

v5.10.0-rc2

v5.2.0

v5.2.0-rc1

v5.2.0-rc2

v5.3.0

v5.3.0-rc1

v5.3.0-rc2

v5.4.0

v5.4.0-rc1

v5.4.0-rc2

v5.5.0

v5.5.0-rc1

v5.5.0-rc2

v5.6.0

v5.6.0-rc1

v5.6.0-rc2

v5.7.0

v5.7.0-rc1

v5.7.0-rc2

v5.8.0

v5.8.0-rc1

v5.8.0-rc2

v5.9.0

v5.9.0-rc1

v6.*

v6.0.0

v6.0.0-rc1

v6.0.0-rc2

v6.1.0

v6.1.0-rc1

v6.1.0-rc2

v6.10.0

v6.10.0-rc1

v6.10.0-rc2

v6.2.0

v6.2.0-rc1

v6.3.0

v6.3.0-rc1

v6.4.0

v6.4.0-rc1

v6.5.0

v6.5.0-rc1

v6.5.0-rc2

v6.6.0

v6.6.0-rc1

v6.7.0

v6.7.0-rc1

v6.7.0-rc2

v6.8.0

v6.8.0-rc1

v6.8.0-rc2

v6.9.0

v6.9.0-rc1

v6.9.0-rc2

v7.*

v7.0.0

v7.0.0-rc1

v7.0.0-rc2

v7.1.0

v7.1.0-rc1

v7.1.0-rc2

v7.2.0

v7.2.0-rc1

v7.2.0-rc2

v7.3.0

v7.3.0-rc1

v7.3.0-rc2

v7.4.0

v7.4.0-rc1

v7.4.0-rc2

v7.5.0

v7.5.0-rc1

v7.5.0-rc2