CVE-2021-3631

MEDIUM Year: 2021
CVSS v3 Score
6.3
Medium
CVSS v2 Score
3.3
Low
Weakness Type
CWE-732
View all →

Vulnerability Description

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

Related Vulnerabilities

CVE-2018-12223

MEDIUM
CVSS:6.3(Medium)

Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.506...

CWE-7322018

CVE-2022-22411

MEDIUM
CVSS:6.3(Medium)

IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM ...

CWE-7322022

CVE-2024-30208

MEDIUM
CVSS:6.3(Medium)

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Lo...

CWE-7322024

CVE-2024-0019

MEDIUM
CVSS:6.2(Medium)

In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to...

CWE-7322024

CVE-2024-2905

MEDIUM
CVSS:6.2(Medium)

A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissio...

CWE-7322024

CVE-2024-21703

MEDIUM
CVSS:6.4(Medium)

This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations. This Security Misconfiguration vulnerabilit...

CWE-7322024