ALT-PU-2025-7665-3

Обновление пакета nbdkit в ветке p11

Версия1.43.9-alt1

Задание#386049

Опубликовано2025-06-10

Макс. серьёзностьMEDIUM

Серьёзность:

Закрытые проблемы (2)

MEDIUM6.5

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.

Опубликовано: 2025-06-09Изменено: 2026-01-08

CVSS 3.xСРЕДНЯЯ 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ссылки

MEDIUM6.5

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.

Опубликовано: 2025-06-09Изменено: 2026-01-08

CVSS 3.xСРЕДНЯЯ 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ссылки