+-- On Tue, 27 Jun 2017, Eric Blake wrote --+ | > $ qemu-nbd -x foo -f raw -t null-co:// & | > [1] 12726 | > $ qemu-io -c quit nbd://localhost/bar | > can't open device nbd://localhost/bar: No export with name 'bar' available | > [1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co:// | > | > In this case, the client sends an NBD_OPT_ABORT and closes the | > connection (because it is not required to wait for a reply), but the | > server replies with an NBD_REP_ACK (because it is required to reply). | > | > Signed-off-by: Max Reitz <mre...@redhat.com> | > --- | | As mentioned in another thread, I'm trying to figure out if this patch | belongs as a third patch to fix CVE-2017-9524, or whether we want to | open a second CVE by considering this a slightly different | denial-of-service attack than what my patches fixed.
Yes, this would be a separate issue, as it breaks 'qemu-nbd' server irrespective of whether 'CVE-2017-9524' fix is applied or not. I'll get a CVE assigned and process it further. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
