CVE-2021-3716
First published: Tue Aug 17 2021(Updated: )
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nbdkit Project Nbdkit | >=1.11.8<1.24.6 | |
| Nbdkit Project Nbdkit | >=1.25.1<1.26.5 | |
| Nbdkit Project Nbdkit | >=1.27.1<1.27.6 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1994695
- https://gitlab.com/nbdkit/nbdkit/-/commit/09a13dafb7bb3a38ab52eb5501cba786365ba7fd
- https://gitlab.com/nbdkit/nbdkit/-/commit/6c5faac6a37077cf2366388a80862bb00616d0d8
- https://listman.redhat.com/archives/libguestfs/2021-August/msg00083.html
- https://www.openwall.com/lists/oss-security/2021/08/18/2
- https://nostarttls.secvuln.info/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1994695#c10
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1994928
- https://github.com/libguestfs/nbdkit/commit/eaa4c6e9a
- https://listman.redhat.com/archives/libguestfs/2021-August/msg00077.html
- https://access.redhat.com/errata/RHSA-2022:0397
- https://access.redhat.com/security/cve/cve-2021-3716
- https://access.redhat.com/errata/RHSA-2022:1759
Frequently Asked Questions
What is CVE-2021-3716?
CVE-2021-3716 is a vulnerability found in nbdkit that allows a MitM attacker to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying client requests to the server.
How does CVE-2021-3716 affect nbdkit?
CVE-2021-3716 affects nbdkit by improperly caching plaintext state across the STARTTLS encryption boundary, leading to potential termination of client connections.
What is the severity of CVE-2021-3716?
CVE-2021-3716 has a severity rating of 3.1 (low).
How can I fix CVE-2021-3716?
To fix CVE-2021-3716, upgrade nbdkit to version 1.24.6 or higher.
Where can I find more information about CVE-2021-3716?
You can find more information about CVE-2021-3716 at the following references: [link1], [link2], [link3].
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/remedy
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-3716
- agent/software-canonical-lookup
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/nbdkit project
- canonical/nbdkit project nbdkit
- version/nbdkit project nbdkit/1.11.8
- version/nbdkit project nbdkit/1.25.1
- version/nbdkit project nbdkit/1.27.1
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- package-manager/redhat