Wind River Support Network


LIN1021-3097 : Security Advisory - libvirt - CVE-2022-0897

Created: Mar 17, 2022    Updated: Apr 28, 2022
Resolved Date: Apr 28, 2022
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace


A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the 'driver->nwfilters' mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the 'driver->nwfilters' object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt’s API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).


Live chat