rpm package

opensuse/nbd&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/nbd&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-26495	—	< 3.24-1.1	3.24-1.1	Mar 6, 2022	In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists fo
CVE-2015-0847	—	< 3.13-3.5	3.13-3.5	May 29, 2015	nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
CVE-2005-3534	—	< 3.21-1.7	3.21-1.7	Dec 22, 2005	Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply heade

CVE-2022-26495Mar 6, 2022
affected < 3.24-1.1fixed 3.24-1.1
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists fo
CVE-2015-0847May 29, 2015
affected < 3.13-3.5fixed 3.13-3.5
nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
CVE-2005-3534Dec 22, 2005
affected < 3.21-1.7fixed 3.21-1.7
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply heade