QEMU NBD Server Vulnerability: DoS Attack via Socket Closure

CVE-2024-7409

Currently unrated 🤨

Key Information

Vendor: Red Hat
Status: Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.2 Extended Update Support; Red Hat Openshift Container Platform 4.13; Red Hat Openshift Container Platform 4.15
Vendor: CVE Published:; 5 August 2024

Summary

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

Affected Version(s)

Red Hat Enterprise Linux 8 <= 8100020240905091210.489197e6

Red Hat Enterprise Linux 8 <= 8100020240905091210.489197e6

Red Hat Enterprise Linux 9.2 Extended Update Support <= 17:7.2.0-14.el9_2.14

Timeline

Vulnerability published.
Aug 5, 2024
Vulnerability Reserved.
Aug 2, 2024
Reported to Red Hat.
Aug 2, 2024

Collectors

NVD DatabaseMitre Database

.