771d9ffc13
resolves: RHEL-52728
41 lines
1.3 KiB
Diff
41 lines
1.3 KiB
Diff
From 171ffdde8be590f784086a021a7e6f36c4ecdb4b Mon Sep 17 00:00:00 2001
|
|
From: Eric Blake <eblake@redhat.com>
|
|
Date: Fri, 12 Mar 2021 17:00:58 -0600
|
|
Subject: [PATCH] security: Document assignment of CVE-2021-20286
|
|
|
|
Now that we finally have a CVE number, it's time to document
|
|
the problem (it's low severity, but still a denial of service).
|
|
|
|
Fixes: fb4440de9cc7 (opt_go: Tolerate unplanned server death)
|
|
(cherry picked from commit 40308a005eaa6b2e8f98da8952d0c0cacc51efde)
|
|
---
|
|
docs/libnbd-security.pod | 8 +++++++-
|
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/docs/libnbd-security.pod b/docs/libnbd-security.pod
|
|
index d8ead875..0cae8462 100644
|
|
--- a/docs/libnbd-security.pod
|
|
+++ b/docs/libnbd-security.pod
|
|
@@ -22,6 +22,12 @@ L<https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html>
|
|
See the full announcement here:
|
|
L<https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html>
|
|
|
|
+=head2 CVE-2021-20286
|
|
+denial of service when using L<nbd_set_opt_mode(3)>
|
|
+
|
|
+See the full announcement here:
|
|
+L<https://listman.redhat.com/archives/libguestfs/2021-March/msg00092.html>
|
|
+
|
|
=head1 SEE ALSO
|
|
|
|
L<libnbd(3)>.
|
|
@@ -34,4 +40,4 @@ Richard W.M. Jones
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
-Copyright (C) 2019 Red Hat Inc.
|
|
+Copyright (C) 2019-2021 Red Hat Inc.
|
|
--
|
|
2.43.0
|
|
|