Vulnerability Description
A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nbdkit Project | Nbdkit | < 1.12.7 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1757259Issue TrackingPatchThird Party Advisory
- https://www.redhat.com/archives/libguestfs/2019-September/msg00272.htmlMailing ListPatchVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1757259Issue TrackingPatchThird Party Advisory
- https://www.redhat.com/archives/libguestfs/2019-September/msg00272.htmlMailing ListPatchVendor Advisory
FAQ
What is CVE-2019-14851?
CVE-2019-14851 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affecte...
How severe is CVE-2019-14851?
CVE-2019-14851 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14851?
Check the references section above for vendor advisories and patch information. Affected products include: Nbdkit Project Nbdkit.