rpm package
opensuse/nbd&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/nbd&distro=openSUSE%20Leap%2015.3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-26496 | — | < 3.24-150000.3.3.1 | 3.24-150000.3.3.1 | Mar 6, 2022 | In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name. | ||
| CVE-2022-26495 | — | < 3.24-150000.3.3.1 | 3.24-150000.3.3.1 | Mar 6, 2022 | In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists fo |
- CVE-2022-26496Mar 6, 2022affected < 3.24-150000.3.3.1fixed 3.24-150000.3.3.1
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.
- CVE-2022-26495Mar 6, 2022affected < 3.24-150000.3.3.1fixed 3.24-150000.3.3.1
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists fo