CVE-2020-10761

Summary

An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.

Affected Software

VendorProductVersion RangeStatus
Red HatQEMU:all QEMU versions before QEMU 5.0.1affected

Weaknesses

  • CWE-617: CWE-617

ADP Enrichment

CVE Program Container

Additional References

References