[Libguestfs] [NBDKIT SECURITY] Denial of Service / Amplification Attack in nbdkit
Eric Blake
eblake at redhat.com
Tue Oct 1 13:34:38 UTC 2019
On 9/20/19 8:58 AM, Eric Blake wrote:
> On 9/12/19 12:41 PM, Richard W.M. Jones wrote:
>> We have discovered a potential Denial of Service / Amplification Attack
>> in nbdkit.
>
> Unfortunately, our fix for this issue cause another potential Denial of
> Service attack:
>
>>
>> Lifecycle
>> ---------
>>
>> Reported: 2019-09-11 Fixed: 2019-09-11 Published: 2019-09-12
>>
>> There is no CVE number assigned for this issue yet, but the bug is
>> being categorized and processed by Red Hat's security team which may
>> result in a CVE being published later.
>>
>
> Reported: 2019-09-18 Fixed: 2019-09-19 Published: 2019-09-20
>
> Also pending Red Hat security review for whether this deserves a CVE
> (presumably either both issues, or neither, will have a CVE)
Both CVEs have now been assigned:
CVE-2019-14850 - denial of service due to premature .open, depending on
plugin used
CVE-2019-14851 - denial of service due to assertion after NBD_OPT_INFO,
independent of plugin
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
More information about the Libguestfs
mailing list