CVE-2021-3631

Published: Mar 2, 2022Modified: Nov 21, 2024

6.3

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 1.0 / Impact: 5.2

Source: NVD

Description

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

Affected (4)

Products: Redhat: Libvirt, Enterprise Linux, Openshift Container Platform · Netapp: Ontap Select Deploy Administration Utility

3 products

Enterprise Linux

Openshift Container Platform

1 product

Ontap Select Deploy Administration Utility

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Libvirt	Before 7.5.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Openshift Container Platform	Version 4.8

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Netapp Ontap Select Deploy Administration Utility	All versions

Related CWEs

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (14)

https://access.redhat.com/errata/RHSA-2021:3631

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1977726

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2

Source: secalert@redhat.com

PatchThird Party Advisory

https://gitlab.com/libvirt/libvirt/-/issues/153

Source: secalert@redhat.com

ExploitThird Party Advisory

https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html

Source: secalert@redhat.com

https://security.gentoo.org/glsa/202210-06

Source: secalert@redhat.com

Third Party Advisory

https://security.netapp.com/advisory/ntap-20220331-0010/

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2021:3631

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1977726

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://gitlab.com/libvirt/libvirt/-/issues/153

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/202210-06

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://security.netapp.com/advisory/ntap-20220331-0010/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.