Denial Of Service (DoS)

2022-04-1000:42:31

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

JSON

libnbd is vulnerable to denial of service. The vulnerability exists when performing multi-threaded copies using asynchronous nbd calls which results in the silent creation of a corrupted destination image.

CPENameOperatorVersion
libnbdeq1.2.2__1.module+el8.2.0+5644+32ac38d4
libnbdeq1.2.2__1.module_el8.3.0+755+88436ea4
libnbdeq1.2.2__1.module_el8.3.0+555+a55c8938
libnbdeq1.2.2__1.el8
libnbdeq1.2.2__1.module_el8.4.0+525+256c136b
libnbdeq1.2.2__1.module_el8.5.0+746+bbd5d70c
libnbdeq1.2.2__1.module_el8.4.0+783+f8734d30
libnbdeq1.6.0__3.module+el8.4.0+9856+bbc47853
libnbdeq1.6.0__4.el8
libnbdeq1.6.0__4.module_el8.6.0+983+a7505f3f

Name	Operator	Version
libnbd	eq	1.2.2__1.module+el8.2.0+5644+32ac38d4
libnbd	eq	1.2.2__1.module_el8.3.0+755+88436ea4
libnbd	eq	1.2.2__1.module_el8.3.0+555+a55c8938
libnbd	eq	1.2.2__1.el8
libnbd	eq	1.2.2__1.module_el8.4.0+525+256c136b
libnbd	eq	1.2.2__1.module_el8.5.0+746+bbd5d70c
libnbd	eq	1.2.2__1.module_el8.4.0+783+f8734d30
libnbd	eq	1.6.0__3.module+el8.4.0+9856+bbc47853
libnbd	eq	1.6.0__4.el8
libnbd	eq	1.6.0__4.module_el8.6.0+983+a7505f3f