Skip to content

Latest commit

 

History

History
48 lines (30 loc) · 1.18 KB

nbdkit-security.pod

File metadata and controls

48 lines (30 loc) · 1.18 KB

NAME

nbdkit-security - information about past security issues in nbdkit

DESCRIPTION

This page details past security issues found in nbdkit.

For how to report new security issues, see the SECURITY file in the top level source directory, also available online here: https://gitlab.com/nbdkit/nbdkit/blob/master/SECURITY

CVE-2019-14850 denial of service due to premature opening of back-end connection

See the full announcement and links to mitigation, tests and fixes here: https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html

CVE-2019-14851 assertion failure by issuing commands in the wrong order

This CVE was caused by the fix to the previous issue.

See the full announcement and links to mitigation, tests and fixes here: https://www.redhat.com/archives/libguestfs/2019-September/msg00272.html

CVE-2021-3716 structured read denial of service attack against starttls

See the full announcement and links to mitigation, tests and fixes here: https://www.redhat.com/archives/libguestfs/2021-August/msg00083.html

SEE ALSO

nbdkit(1).

AUTHORS

Eric Blake

Richard W.M. Jones

COPYRIGHT

Copyright Red Hat