
Gkamathe

#40771 of 53,625
6.5 Total CVSS
Vulnerabilities · 1
PT-2021-22700
6.5
2021-03-11
Libvirt · Libvirt · CVE-2021-3975
Name of the Vulnerable Software and Affected Versions: libvirt (affected versions not specified)

Description: A use-after-free flaw was found in libvirt, where the `qemuMonitorUnregister()` function in `qemuProcessHandleMonitorEOF` is called using multiple threads without adequate protection by a monitor lock. This issue can be triggered by the `virConnectGetAllDomainStats` API when the guest is shutting down, allowing an unprivileged client with a read-only connection to perform a denial of service attack by causing the libvirt daemon to crash.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.