[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [LIBNBD SECURITY PATCH 0/1] NBD Protocol Downgrade Attack in libnbd



On 9/16/19 2:06 PM, Eric Blake wrote:
> We discovered a possible Downgrade Attack in libnbd.
> 
> Lifecycle
> ---------
> 
> Reported: 2019-09-14  Fixed: 2019-09-16  Published: 2019-09-16
> 
> There is no CVE number assigned for this issue yet, but the bug is
> being categorized and processed by Red Hat's security team which may
> result in a CVE being published later.

CVE-2019-14842 has now been assigned.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]