QEMU NBD Server Vulnerability: DoS Attack via Socket Closure

CVE-2024-7409

Currently unrated 🤨

Key Information

Vendor
Red Hat
Status
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat Openshift Container Platform 4.13
Red Hat Openshift Container Platform 4.15
Vendor
CVE Published:
5 August 2024

Summary

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

Affected Version(s)

Red Hat Enterprise Linux 8 <= 8100020240905091210.489197e6

Red Hat Enterprise Linux 8 <= 8100020240905091210.489197e6

Red Hat Enterprise Linux 9.2 Extended Update Support <= 17:7.2.0-14.el9_2.14

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.