http://bugzilla.suse.com/show_bug.cgi?id=931987 Bug ID: 931987 Summary: VUL-0: CVE-2013-7441: nbd: NBD server terminates on SIGPIPE during negotiation Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: ms@suse.com Reporter: abergmann@suse.com QA Contact: qa-bugs@suse.de Found By: Security Response Team Blocker: --- rh#1224074 / CVE-2013-7441 -------------------------------------------- A denial of service flaw was found in nbd: "The listener/root server process terminates on SIGPIPE during negotiation. This is hardly the desired behavior, since any malfunctioning client can brought the listener server down by closing the socket unexpectedly." Additional information: http://sourceforge.net/p/nbd/mailman/message/30410146/ Upstream patch: https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4 -------------------------------------------- References: https://bugzilla.redhat.com/show_bug.cgi?id=1224074 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7441 http://seclists.org/oss-sec/2015/q2/516 http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-7441.html -- You are receiving this mail because: You are on the CC list for the bug.