Redhat: >> Enterprise Linux Advanced Virtualization >> 8.0 Security Vulnerabilities
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-06-09
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-06-09