Home

Description

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.

PUBLISHED Reserved 2025-05-07 | Published 2025-06-09 | Updated 2026-01-08 | Assigner redhat




MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem types

Off-by-one Error

Product status

Default status
unaffected

1.11.10 (semver) before 1.38.6
affected

1.40.0 (semver) before 1.40.6
affected

1.42.0 (semver) before 1.42.3
affected

Default status
affected

Default status
unknown

Default status
unknown

Default status
unknown

Default status
unknown

Default status
affected

Timeline

2025-05-12:Reported to Red Hat.
2025-04-23:Made public.

References

access.redhat.com/security/cve/CVE-2025-47711 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2365687 (RHBZ#2365687) issue-tracking

cve.org (CVE-2025-47711)

nvd.nist.gov (CVE-2025-47711)

Download JSON