CVE-2025-47712
BaseFortify
Publication date: 2025-06-09
Last updated on: 2025-08-21
Assigner: Red Hat, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nbdkit_project | nbdkit | * |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 10.0 |
| redhat | enterprise_linux_advanced_virtualization | 8.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-190 | The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the nbdkit blocksize filter component of the Network Block Device toolkit. It occurs when a client sends a block status request for a very large data range that exceeds the maximum size a 32-bit variable can hold (around 4GB). Due to an integer overflow, the block size value wraps around to zero, causing an internal assertion failure in nbdkit. This leads to a denial of service (DoS) condition where the service crashes or becomes unavailable. [1]
How can this vulnerability impact me?
The vulnerability can cause a denial of service (DoS) by crashing the nbdkit service when it processes an oversized block status request. This means that an attacker or a client sending such a request can make the nbdkit service unavailable, potentially disrupting applications or systems relying on it for network block device operations. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for client requests to the nbdkit service that request block status information for data ranges exceeding 4GB (2^32 minus the minimum blocksize). Detection involves checking logs or network traffic for unusually large block status requests that may trigger the integer overflow. Specific commands are not provided in the resources, but you can use network monitoring tools like tcpdump or Wireshark to capture and analyze NBD protocol traffic for large block status requests. Additionally, reviewing nbdkit logs for assertion failures or crashes may indicate exploitation attempts. [1]
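An added example, not from the advisory or from nbdkit: a Python check that flags compact-format NBD block status requests whose 32-bit length would wrap to zero when rounded up to the filter's minimum block size. The header layout and command number come from the NBD protocol; the `minblock` value of 512, the function names and the sample headers are assumptions constructed for illustration, and the round-up is a model of the overflow described above rather than nbdkit's source.

```python
import struct

NBD_REQUEST_MAGIC = 0x25609513      # compact request magic (NBD protocol)
NBD_CMD_BLOCK_STATUS = 7            # block status command (NBD protocol)
# magic, command flags, type, cookie, offset, length: 28 bytes, big-endian
HEADER = struct.Struct(">IHHQQI")


def round_up_u32(length, minblock):
    """Model of rounding up to a power-of-two minblock in 32-bit unsigned math."""
    return ((length + minblock - 1) & 0xFFFFFFFF) & ~(minblock - 1)


def classify_request(header, minblock=512):
    """Return (verdict, length) for one compact NBD request header."""
    if len(header) != HEADER.size:
        return ("malformed", None)
    magic, _flags, cmd, _cookie, _offset, length = HEADER.unpack(header)
    if magic != NBD_REQUEST_MAGIC:
        return ("not-a-request", None)
    # A non-zero length that rounds to zero is above 2^32 - minblock.
    if cmd == NBD_CMD_BLOCK_STATUS and length and round_up_u32(length, minblock) == 0:
        return ("oversized-block-status", length)
    return ("ok", length)


def build_header(cmd, offset, length, cookie=1):
    """Construct a sample header (test data only, not captured traffic)."""
    return HEADER.pack(NBD_REQUEST_MAGIC, 0, cmd, cookie, offset, length)


# Constructed samples: a read, a normal block status, the boundary, and over it.
SAMPLES = [
    build_header(0, 0, 4096),
    build_header(NBD_CMD_BLOCK_STATUS, 0, 1 << 20),
    build_header(NBD_CMD_BLOCK_STATUS, 0, 2**32 - 512),
    build_header(NBD_CMD_BLOCK_STATUS, 0, 2**32 - 511),
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify_request(raw))
```

The check works on 28-byte request headers already extracted from cleartext NBD traffic; it does not reassemble a TCP stream, and `minblock` must match the value configured on the server being monitored.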
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating nbdkit to a version where this vulnerability is fixed, if available. If an update is not immediately possible, restrict or monitor client requests to prevent block status queries exceeding the 4GB threshold. Applying network-level controls to limit or block suspicious oversized requests to the nbdkit service can reduce risk. Also, consider restarting the nbdkit service if it crashes due to this issue and monitoring for repeated crashes. [1]