CVE-2025-47711

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2025-47711	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2365687	Issue Tracking

Configurations

Configuration 1 (hide)

cpe:2.3:a:nbdkit_project:nbdkit:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:10.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_advanced_virtualization:8.0:::::::*

History

26 Aug 2025, 16:26

Type	Values Removed	Values Added
First Time		Nbdkit Project nbdkit Redhat enterprise Linux Redhat Nbdkit Project Redhat enterprise Linux Advanced Virtualization
References	~~() https://access.redhat.com/security/cve/CVE-2025-47711 -~~	() https://access.redhat.com/security/cve/CVE-2025-47711 - Vendor Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2365687 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2365687 - Issue Tracking
CPE		cpe:2.3:a:nbdkit_project:nbdkit:-:::::::* cpe:2.3:o:redhat:enterprise_linux:8.0:::::::* cpe:2.3:o:redhat:enterprise_linux_advanced_virtualization:8.0:::::::* cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux:10.0:::::::*

09 Jun 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-09 06:15

Updated : 2025-08-26 16:26

NVD link : CVE-2025-47711

Mitre link : CVE-2025-47711

CVE.ORG link : CVE-2025-47711

JSON object : View

Products Affected

redhat

enterprise_linux_advanced_virtualization
enterprise_linux

nbdkit_project

nbdkit

CWE

CWE-193

Off-by-one Error

{"id": "CVE-2025-47711", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-06-09T06:15:25.320", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-47711", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365687", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-193"}]}], "descriptions": [{"lang": "en", "value": "There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service."}, {"lang": "es", "value": "Existe una falla en el servidor nbdkit al gestionar las respuestas de sus complementos sobre el estado de los bloques de datos. Si un cliente realiza una solicitud espec\u00edfica para un rango de datos muy grande y un complemento responde con un bloque a\u00fan mayor, el servidor nbdkit puede encontrar un error interno cr\u00edtico que provoque una denegaci\u00f3n de servicio."}], "lastModified": "2025-08-26T16:26:35.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nbdkit_project:nbdkit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5312E2C-4BD8-45EE-8D28-6ED75541E48B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_advanced_virtualization:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4A47F8A-43BF-44A4-A465-14C7653BC11E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}