A denial of service vulnerability exists in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nbdkit project nbdkit |
||
redhat enterprise linux server 7.0 |
||
redhat virtualization 4.0 |
||
redhat enterprise linux 8.0 |