Qemu · Qemu · CVE-2020-10761
**Name of the Vulnerable Software and Affected Versions**
QEMU versions prior to 5.0.1
**Description**
An assertion failure issue was found in the Network Block Device (NBD) Server. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server, resulting in a denial of service.
**Recommendations**
For QEMU versions prior to 5.0.1, update to QEMU 5.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the NBD server to minimize the risk of exploitation.