|
|
a81d13 |
From 171ffdde8be590f784086a021a7e6f36c4ecdb4b Mon Sep 17 00:00:00 2001
|
|
|
a81d13 |
From: Eric Blake <eblake@redhat.com>
|
|
|
a81d13 |
Date: Fri, 12 Mar 2021 17:00:58 -0600
|
|
|
a81d13 |
Subject: [PATCH] security: Document assignment of CVE-2021-20286
|
|
|
a81d13 |
|
|
|
a81d13 |
Now that we finally have a CVE number, it's time to document
|
|
|
a81d13 |
the problem (it's low severity, but still a denial of service).
|
|
|
a81d13 |
|
|
|
a81d13 |
Fixes: fb4440de9cc7 (opt_go: Tolerate unplanned server death)
|
|
|
a81d13 |
(cherry picked from commit 40308a005eaa6b2e8f98da8952d0c0cacc51efde)
|
|
|
a81d13 |
---
|
|
|
a81d13 |
docs/libnbd-security.pod | 8 +++++++-
|
|
|
a81d13 |
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
a81d13 |
|
|
|
a81d13 |
diff --git a/docs/libnbd-security.pod b/docs/libnbd-security.pod
|
|
|
a81d13 |
index d8ead87..0cae846 100644
|
|
|
a81d13 |
--- a/docs/libnbd-security.pod
|
|
|
a81d13 |
+++ b/docs/libnbd-security.pod
|
|
|
a81d13 |
@@ -22,6 +22,12 @@ L<https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html>
|
|
|
a81d13 |
See the full announcement here:
|
|
|
a81d13 |
L<https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html>
|
|
|
a81d13 |
|
|
|
a81d13 |
+=head2 CVE-2021-20286
|
|
|
a81d13 |
+denial of service when using L<nbd_set_opt_mode(3)>
|
|
|
a81d13 |
+
|
|
|
a81d13 |
+See the full announcement here:
|
|
|
a81d13 |
+L<https://listman.redhat.com/archives/libguestfs/2021-March/msg00092.html>
|
|
|
a81d13 |
+
|
|
|
a81d13 |
=head1 SEE ALSO
|
|
|
a81d13 |
|
|
|
a81d13 |
L<libnbd(3)>.
|
|
|
a81d13 |
@@ -34,4 +40,4 @@ Richard W.M. Jones
|
|
|
a81d13 |
|
|
|
a81d13 |
=head1 COPYRIGHT
|
|
|
a81d13 |
|
|
|
a81d13 |
-Copyright (C) 2019 Red Hat Inc.
|
|
|
a81d13 |
+Copyright (C) 2019-2021 Red Hat Inc.
|
|
|
a81d13 |
--
|
|
|
a81d13 |
2.31.1
|
|
|
a81d13 |
|