CVE-2023-3750
Published: 24 July 2023
Summary
CVE-2023-3750 is a medium-severity Improper Locking (CWE-667) vulnerability in Redhat Libvirt. Its CVSS base score is 6.5 (Medium).
Operationally, ranked at the 31.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-44385
Vulnerability details
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow…
more
clients connecting to the read-only socket to crash the libvirt daemon.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.