Oval Definition:oval:org.opensuse.security:def:20213716
Revision Date:2022-06-30Version:1
Title:CVE-2021-3716
Description:

A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-3716
SUSE CVE-2021-3716
Platform(s):openSUSE Leap 15.4
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • nbdkit-1.27.8-1.2 is installed
  • OR nbdkit-bash-completion-1.27.8-1.2 is installed
  • OR nbdkit-basic-filters-1.27.8-1.2 is installed
  • OR nbdkit-basic-plugins-1.27.8-1.2 is installed
  • OR nbdkit-curl-plugin-1.27.8-1.2 is installed
  • OR nbdkit-devel-1.27.8-1.2 is installed
  • OR nbdkit-example-plugins-1.27.8-1.2 is installed
  • OR nbdkit-gzip-filter-1.27.8-1.2 is installed
  • OR nbdkit-nbd-plugin-1.27.8-1.2 is installed
  • OR nbdkit-python-plugin-1.27.8-1.2 is installed
  • OR nbdkit-server-1.27.8-1.2 is installed
  • OR nbdkit-ssh-plugin-1.27.8-1.2 is installed
  • OR nbdkit-tar-filter-1.27.8-1.2 is installed
  • OR nbdkit-tmpdisk-plugin-1.27.8-1.2 is installed
  • OR nbdkit-vddk-plugin-1.27.8-1.2 is installed
  • OR nbdkit-xz-filter-1.27.8-1.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • nbdkit-1.29.4-150400.1.4 is installed
  • AND nbdkit is signed with openSUSE key
  • OR
  • nbdkit-basic-filters-1.29.4-150400.1.4 is installed
  • AND nbdkit-basic-filters is signed with openSUSE key
  • OR
  • nbdkit-basic-plugins-1.29.4-150400.1.4 is installed
  • AND nbdkit-basic-plugins is signed with openSUSE key
  • OR
  • nbdkit-curl-plugin-1.29.4-150400.1.4 is installed
  • AND nbdkit-curl-plugin is signed with openSUSE key
  • OR
  • nbdkit-python-plugin-1.29.4-150400.1.4 is installed
  • AND nbdkit-python-plugin is signed with openSUSE key
  • OR
  • nbdkit-server-1.29.4-150400.1.4 is installed
  • AND nbdkit-server is signed with openSUSE key
  • OR
  • nbdkit-ssh-plugin-1.29.4-150400.1.4 is installed
  • AND nbdkit-ssh-plugin is signed with openSUSE key
  • OR
  • nbdkit-vddk-plugin-1.29.4-150400.1.4 is installed
  • AND nbdkit-vddk-plugin is signed with openSUSE key
    • BACK