CVE-2021-3631
Summary
| CVE | CVE-2021-3631 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-03-02 23:15:00 UTC |
| Updated | 2024-04-01 13:16:00 UTC |
| Description | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. |
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com | |
| [debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update | | lists.debian.org | |
| 1977726 – (CVE-2021-3631) CVE-2021-3631 libvirt: Insecure sVirt label generation | MISC | bugzilla.redhat.com | |
| libvirt: Multiple Vulnerabilities (GLSA 202210-06) — Gentoo security | GENTOO | security.gentoo.org | |
| Selinux MCS generate a single category context and may be accessed by another machine (#153) · Issues · libvirt / libvirt · GitLab | MISC | gitlab.com | |
| CVE-2021-3631 Libvirt Vulnerability in NetApp Products \| NetApp Product Security | CONFIRM | security.netapp.com | |
| security: fix SELinux label generation logic (15073504) · Commits · libvirt / libvirt · GitLab | MISC | gitlab.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159468 Oracle Enterprise Linux Security Update for virt:ol and virt-devel:ol (ELSA-2021-4191)
- 160343 Oracle Enterprise Linux Security Update for libvirt (ELSA-2022-10062)
- 160365 Oracle Enterprise Linux Security Update for virt:kvm_utils (ELSA-2022-10093)
- 160453 Oracle Enterprise Linux Security Update for virt:kvm_utils (ELSA-2023-12108)
- 184879 Debian Security Update for libvirt (CVE-2021-3631)
- 198763 Ubuntu Security Notification for libvirt Vulnerabilities (USN-5399-1)
- 239833 Red Hat Update for virt:rhel and virt-devel:rhel security (RHSA-2021:4191)
- 281714 Fedora Security Update for libvirt (FEDORA-2021-bc6ad65da0)
- 377413 Alibaba Cloud Linux Security Update for virt:rhel and virt-devel:rhel (ALINUX3-SA-2022:0119)
- 502116 Alpine Linux Security Update for libvirt
- 6000552 Debian Security Update for libvirt (DLA 3778-1)
- 710643 Gentoo Linux libvirt Multiple Vulnerabilities (GLSA 202210-06)
- 750955 OpenSUSE Security Update for libvirt (openSUSE-SU-2021:1119-1)
- 751003 OpenSUSE Security Update for libvirt (openSUSE-SU-2021:2812-1)
- 900736 Common Base Linux Mariner (CBL-Mariner) Security Update for libvirt (8880)
- 940172 AlmaLinux Security Update for virt:rhel and virt-devel:rhel (ALSA-2021:4191)
- 960274 Rocky Linux Security Update for virt:rhel and virt-devel:rhel (RLSA-2021:4191)