Описание
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
Quick Emulator (QEMU) built with Network Block Device (NBD) Server support was vulnerable to a null-pointer dereference issue. The flaw could occur when releasing a client that was not initialized due to failed negotiation. A remote user or process could exploit this flaw to crash the qemu-nbd server (denial of service).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 5 | xen | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Fixed | RHSA-2017:1681 | 05.07.2017 |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2017:2408 | 01.08.2017 |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2017:2408 | 01.08.2017 |
| Red Hat OpenStack Platform 10.0 (Newton) | qemu-kvm-rhev | Fixed | RHSA-2017:2408 | 01.08.2017 |
| Red Hat OpenStack Platform 11.0 (Ocata) | qemu-kvm-rhev | Fixed | RHSA-2017:2408 | 01.08.2017 |
| Red Hat OpenStack Platform 8.0 (Liberty) | qemu-kvm-rhev | Fixed | RHSA-2017:2408 | 01.08.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2
Связанные уязвимости
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2