CVE-2022-0897

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
References
Configurations

Configuration 1

cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Information

Published : 2022-03-25 07:15

Updated : 2022-10-27 08:54


NVD link : CVE-2022-0897

Mitre link : CVE-2022-0897

Products Affected
No products.
CWE