Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 41 nbdkit 2025-bc02ec32fb moderate: Denial of Service risk

fedora
Calendar Grey May 26, 2025
Dist Fedora Esm H88
Fedora update for nbdkit 1.40.6 addresses Denial of Service risks with essential patches for enhanced security.
New upstream stable branch version 1.40.6

Summary

NBD is a protocol for accessing block devices (hard disks and

disk-like things) over the network.

nbdkit is a toolkit for creating NBD servers.

The key features are:

* Multithreaded NBD server written in C with good performance.

* Minimal dependencies for the basic server.

* Liberal license (BSD) allows nbdkit to be linked to proprietary

libraries or included in proprietary code.

* Well-documented, simple plugin API with a stable ABI guarantee.

Lets you to export "unconventional" block devices easily.

* You can write plugins in C or many other languages.

* Filters can be stacked in front of plugins to transform the output.

* Server can run standalone or can be invoked from other programs.

'nbdkit' is a meta-package which pulls in the core server and a

useful subset of plugins and filters with minimal dependencies.

If you want just the server, install 'nbdkit-server'.

To develop plugins, install the 'nbdkit-devel' package and start by

reading the nbdkit(1) and nbdkit-plugin(3) manual pages.

Update Information:

New upstream stable branch version 1.40.6

Topics%20covered

Topics Covered

security advisory denial of service fedora update notification nbd block device

Change Log

* Sat May 10 2025 Richard W.M. Jones - 1.40.6-1 - New upstream stable branch version 1.40.6

References


[ 1 ] Bug #2365691 - CVE-2025-47711 nbdkit: off-by-one error when processing block status may lead to a Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2365691 [ 2 ] Bug #2365726 - CVE-2025-47712 nbdkit: Integer overflow triggers an assertion resulting in Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2365726

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-bc02ec32fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: nbdkit
Product: Fedora 41
Version: 1.40.6
Release: 1.fc41
URL: https://gitlab.com/nbdkit/nbdkit
Summary: NBD server

Topics%20covered

Topics Covered

security advisory denial of service fedora update notification nbd block device

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here