CVE-2015-0847

2015-05-2915:59:00

CWE-17

[email protected]

web.nvd.nist.gov

cve-2015-0847

network block device

nbd-server

denial of service

deadlock

signal handling

remote attackers

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.023 Low

EPSS

Percentile

89.7%

JSON

nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.

CPENameOperatorVersion
canonical:ubuntu_linuxcanonical ubuntu linuxeq12.04
canonical:ubuntu_linuxcanonical ubuntu linuxeq14.10
canonical:ubuntu_linuxcanonical ubuntu linuxeq14.04
canonical:ubuntu_linuxcanonical ubuntu linuxeq15.04
wouter_verhelst:nbdwouter verhelst nbdle3.10

CPE	Name	Operator	Version
canonical:ubuntu_linux	canonical ubuntu linux	eq	12.04
canonical:ubuntu_linux	canonical ubuntu linux	eq	14.10
canonical:ubuntu_linux	canonical ubuntu linux	eq	14.04
canonical:ubuntu_linux	canonical ubuntu linux	eq	15.04
wouter_verhelst:nbd	wouter verhelst nbd	le	3.10