Bugzilla – Bug 931987
VUL-0: CVE-2013-7441: nbd: NBD server terminates on SIGPIPE during negotiation
Last modified: 2018-02-26 07:03:45 UTC
rh#1224074 / CVE-2013-7441 -------------------------------------------- A denial of service flaw was found in nbd: "The listener/root server process terminates on SIGPIPE during negotiation. This is hardly the desired behavior, since any malfunctioning client can brought the listener server down by closing the socket unexpectedly." Additional information: http://sourceforge.net/p/nbd/mailman/message/30410146/ Upstream patch: https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4 -------------------------------------------- References: https://bugzilla.redhat.com/show_bug.cgi?id=1224074 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7441 http://seclists.org/oss-sec/2015/q2/516 http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-7441.html
assigning to real maintainer, thanks much Martin
Created http://bugzilla.suse.com/show_bug.cgi?id=930173
I meant https://build.opensuse.org/request/show/308367
*** Bug 930173 has been marked as a duplicate of this bug. ***
Hopefully I will no become real maintainer - https://build.opensuse.org/request/show/308370
This is an autogenerated message for OBS integration: This bug (931987) was mentioned in https://build.opensuse.org/request/show/308377 13.2+13.1 / nbd
openSUSE-SU-2015:0994-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 930173,931987 CVE References: CVE-2013-7441,CVE-2015-0847 Sources used: openSUSE 13.2 (src): nbd-3.3-4.3.1 openSUSE 13.1 (src): nbd-3.3-2.3.1