Vulnerabilities > CVE-2019-14851 - Reachable Assertion vulnerability in Nbdkit Project Nbdkit

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

nbdkit-project

CWE-617

NVD

Published: 2021-03-18

Updated: 2021-03-25

Summary

A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1.

Vulnerable Configurations

Part	Description	Count
Application	Nbdkit_Project Nbdkit Project Nbdkit *	1

Common Weakness Enumeration (CWE)

CWE-617 - Reachable Assertion

References

https://bugzilla.redhat.com/show_bug.cgi?id=1757259
https://www.redhat.com/archives/libguestfs/2019-September/msg00272.html