Description
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.
References (15)
Scores
CVSS v3
7.5
EPSS
0.0170
EPSS Percentile
82.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-662
Status
published
Products (15)
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8
8100020240905091210.489197e6
Red Hat/Red Hat Enterprise Linux 8 Advanced Virtualization
Red Hat/Red Hat Enterprise Linux 9
17:9.0.0-10.el9_5
Red Hat/Red Hat Enterprise Linux 9.2 Extended Update Support
17:7.2.0-14.el9_2.14
Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support
17:8.2.0-11.el9_4.8
Red Hat/Red Hat OpenShift Container Platform 4.13
413.92.202409180051-0
Red Hat/Red Hat OpenShift Container Platform 4.13
413.92.202411212100-0
... and 5 more
Published
Aug 05, 2024
Tracked Since
Feb 18, 2026