Ubuntu update for libvirt
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-0897 CVE-2023-2700 |
| CWE-ID | CWE-667 CWE-401 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system libvirt0 (Ubuntu package) Operating systems & Components / Operating system package or component libvirt-daemon-system (Ubuntu package) Operating systems & Components / Operating system package or component libvirt-daemon (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper locking
EUVDB-ID: #VU62739
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-0897
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack (DoS).
The vulnerability exists due to double-locking error within the nwfilterConnectNumOfNWFilters() function in nwfilter/nwfilter_driver.c in libvirt. An local user can abuse the libvirt API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
MitigationUpdate the affected package libvirt to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.04
libvirt0 (Ubuntu package): before 8.0.0-1ubuntu7.5
libvirt-daemon-system (Ubuntu package): before 8.0.0-1ubuntu7.5
libvirt-daemon (Ubuntu package): before 8.0.0-1ubuntu7.5
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:23.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:libvirt0_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libvirt-daemon-system_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libvirt-daemon_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6126-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory leak
EUVDB-ID: #VU76721
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2700
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. A local user can repeatedly query an SR-IOV PCI device's capabilities to cause memory leak and perform denial of service attack.
MitigationUpdate the affected package libvirt to the latest version.
Vulnerable software versionsUbuntu: 22.04 - 23.04
libvirt0 (Ubuntu package): before 8.0.0-1ubuntu7.5
libvirt-daemon-system (Ubuntu package): before 8.0.0-1ubuntu7.5
libvirt-daemon (Ubuntu package): before 8.0.0-1ubuntu7.5
CPE2.3- cpe:2.3:o:canonical:libvirt0_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libvirt-daemon-system_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libvirt-daemon_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-6126-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
