- Description
- There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.
- Source
- secalert@redhat.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- Severity
- MEDIUM
- secalert@redhat.com
- CWE-193
- Hype score
- Not currently trending
CVE-2025-47711 There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very larg⦠https://t.co/im13HHAHYq
@CVEnew
9 Jun 2025
375 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-47711 Denial-of-Service Vulnerability in nbdkit Server Through Large Block Response Handling https://t.co/Igx7Xd96zj
@VulmonFeeds
9 Jun 2025
119 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
π Critical Patch Alert! π #openSUSE Tumbleweed users: nbdkit 1.42.3-1.1 fixes severe security flaws (CVE-2025-47711/47712). π Impacts: β Cloud storage β Virtualization β Enterprise servers Read more: https://t.co/SxxSOVaCZH #CyberSe
@Cezar_H_Linux
16 May 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes