CVE-2025-47711 is an off-by-one error vulnerability found in the nbdkit server component of Red Hat Enterprise Linux 10. Nbdkit is a flexible Network Block Device (NBD) server that allows clients to access block devices over a network. The vulnerability arises during the handling of plugin responses that report the status of data blocks. Specifically, if a client issues a request for a very large data range, and the plugin responds with a single data block that is even larger than requested, the nbdkit server encounters an off-by-one boundary condition. This condition triggers a critical internal error, causing the server to crash or become unresponsive, resulting in a denial-of-service (DoS). The flaw does not affect confidentiality or integrity but impacts availability, as the server process may terminate unexpectedly. The vulnerability requires network access and low privileges (PR:L), but no user interaction is needed. The affected versions include nbdkit 1.11.10, 1.40.0, and 1.42.0 running on Red Hat Enterprise Linux 10. The CVSS v3.1 base score is 6.5, reflecting medium severity due to the ease of exploitation over the network and the impact on availability. No known exploits have been reported in the wild, but the vulnerability is publicly disclosed and should be addressed promptly. Mitigation involves updating to patched versions of nbdkit once available or applying configuration changes to limit the size of data requests and responses. This vulnerability is particularly relevant for organizations using nbdkit in production environments for network block storage services.

The primary impact of CVE-2025-47711 is a denial-of-service condition affecting the availability of the nbdkit server. Organizations relying on nbdkit for network block device services may experience service interruptions or crashes, potentially disrupting storage access for applications and users. This can lead to downtime in critical infrastructure, affecting business continuity and operational efficiency. Since the vulnerability does not affect confidentiality or integrity, data breaches or unauthorized data modifications are not expected. However, the loss of availability can have cascading effects, especially in environments where nbdkit is used for virtual machine storage, container storage backends, or other critical block storage services. The ease of exploitation over the network and lack of user interaction requirements increase the risk of automated attacks or scanning by threat actors. Although no exploits are currently known in the wild, the public disclosure increases the likelihood of future exploitation attempts. Organizations worldwide using Red Hat Enterprise Linux 10 with affected nbdkit versions should consider this a medium-risk threat to service availability.

1. Apply official patches or updates from Red Hat as soon as they become available to address CVE-2025-47711. 2. If patches are not immediately available, consider restricting network access to the nbdkit server to trusted hosts only, using firewall rules or network segmentation. 3. Implement monitoring and alerting for nbdkit server crashes or abnormal termination to enable rapid response and recovery. 4. Limit the maximum size of data range requests and plugin responses through configuration settings or custom plugin validation to prevent triggering the off-by-one error. 5. Conduct regular security audits and vulnerability scans to detect the presence of vulnerable nbdkit versions in your environment. 6. Use redundancy and failover mechanisms for critical storage services relying on nbdkit to minimize downtime in case of DoS. 7. Educate system administrators about this vulnerability and the importance of timely patching and monitoring. 8. Review and harden plugin implementations to ensure they do not respond with data blocks larger than requested, preventing exploitation of this flaw.