A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-03-25T00:00:00

Updated: 2024-08-02T23:47:42.099Z

Reserved: 2022-03-09T00:00:00

Link: CVE-2022-0897

cve-icon Vulnrichment

Updated: 2024-08-02T23:47:42.099Z

cve-icon NVD

Status : Modified

Published: 2022-03-25T19:15:10.340

Modified: 2024-04-01T13:16:57.670

Link: CVE-2022-0897

cve-icon Redhat

Severity : Low

Publid Date: 2022-03-17T00:00:00Z

Links: CVE-2022-0897 - Bugzilla