A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2021:3631 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1977726 | Issue Tracking Vendor Advisory |
https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2 | Patch Third Party Advisory |
https://gitlab.com/libvirt/libvirt/-/issues/153 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html | |
https://security.gentoo.org/glsa/202210-06 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220331-0010/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
01 Apr 2024, 13:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Oct 2022, 20:09
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202210-06 - Third Party Advisory |
16 Oct 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Jun 2022, 03:28
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220331-0010/ - Third Party Advisory | |
First Time |
Netapp
Netapp ontap Select Deploy Administration Utility |
|
CPE | cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* |
31 Mar 2022, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Mar 2022, 18:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2 - Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1977726 - Issue Tracking, Vendor Advisory | |
References | (MISC) https://gitlab.com/libvirt/libvirt/-/issues/153 - Exploit, Third Party Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2021:3631 - Vendor Advisory | |
CPE | cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:* |
|
CWE | CWE-732 | |
CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 6.3 |
First Time |
Redhat enterprise Linux
Redhat openshift Container Platform Redhat Redhat libvirt |
02 Mar 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-02 23:15
Updated : 2024-04-01 13:16
NVD link : CVE-2021-3631
Mitre link : CVE-2021-3631
CVE.ORG link : CVE-2021-3631
JSON object : View
Products Affected
netapp
- ontap_select_deploy_administration_utility
redhat
- enterprise_linux
- libvirt
- openshift_container_platform
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource