Описание
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.
Отчет
This issue did not affect the version of Ceph as shipped with Red Hat Ceph Storage 3 and 4 as they did not include the support for spdk.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 3 | ceph | Not affected | ||
| Red Hat Ceph Storage 4 | ceph | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1740102SPDK: vhost user causes crash by sending invalid input
EPSS
Процентиль: 52%
0.00292
Низкий
6.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.5
nvd
больше 6 лет назад
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.
github
больше 3 лет назад
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.
EPSS
Процентиль: 52%
0.00292
Низкий
6.5 Medium
CVSS3