CVE-2021-3716 — Improper Enforcement of Message Integrity During Transmission in a Communication Channel in Project Nbdkit

CWE-924 — Improper Enforcement of Message Integrity During Transmission in a Communication Channel7 documents7 sources

Severity

3.1LOWNVD

EPSS

0.1%

top 75.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nbdkit Project Nbdkit Redhat Enterprise Linux

Timeline

PublishedMar 2

Latest updateMar 8

Description

A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.6 | Impact: 1.4

Affected Packages3 packages

▶NVDnbdkit_project/nbdkit1.11.8 — 1.24.6+2

▶Debiannbdkit_project/nbdkit< 1.26.5-1+2

▶CVEListV5nbdkit_project/nbdkitAffects nbdkit v1.12 through v1.26.4 | Fixedin nbdkit v1.26.5

Also affects: Enterprise Linux 8.0

Patches

Patch: bugzilla.redhat.com ↗Patch: gitlab.com ↗Patch: gitlab.com ↗

🔴Vulnerability Details

GHSA

GHSA-3vpg-mwgf-4jvj: A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary↗2022-03-04

▶

OSV

CVE-2021-3716: A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary↗2022-03-02

▶

CVEList

CVE-2021-3716: A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary↗2022-03-02

▶

📋Vendor Advisories

Microsoft

▶

Red Hat

nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS↗2021-08-16

▶

Debian

CVE-2021-3716: nbdkit - A flaw was found in nbdkit due to to improperly caching plaintext state across t...↗2021

▶