Lucene search
RedhatCVELIST:CVE-2023-5871HistoryNov 27, 2023 - 11:58 a.m.
CVE-2023-5871 Libnbd: malicious nbd server may crash libnbd
2023-11-2711:58:44
CWE-617
redhat
www.cve.org
6
libnbd
malicious server
denial of service
nbd protocol
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
22.9%
A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libnbd",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.18.1-3.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libnbd",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libnbd",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "virt:rhel/libnbd",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
}
]Related
openvas
openvas
openSUSE: Security Advisory for libnbd (SUSE-SU-2023:4463-1)
2024-03-04 00:00:00
Fedora: Security Advisory (FEDORA-2023-00c130636a)
2023-11-09 00:00:00
debiancve
debiancve
CVE-2023-5871
2023-11-27 12:15:07
prion
prion
Hardcoded credentials
2023-11-27 12:15:00
nvd
nvd
CVE-2023-5871
2023-11-27 12:15:07
osv
osv
libnbd-1.18.1-2.1 on GA media
2024-06-15 00:00:00
Moderate: libnbd security update
2024-04-30 00:00:00
veracode
veracode
Denial Of Service
2023-11-09 09:15:13
cve
cve
CVE-2023-5871
2023-11-27 12:15:07
redhatcve
redhatcve
CVE-2023-5871
2023-11-01 01:42:58
nessus
nessus
Fedora 39 : libnbd (2023-00c130636a)
2023-11-09 00:00:00
openSUSE 15 Security Update : libnbd (SUSE-SU-2023:4463-1)
2023-11-17 00:00:00
RHEL 9 : libnbd (RHSA-2024:2204)
2024-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: libnbd-1.18.1-2.fc39
2023-11-09 01:22:30
ubuntucve
ubuntucve
CVE-2023-5871
2023-11-27 00:00:00
almalinux
almalinux
Moderate: libnbd security update
2024-04-30 00:00:00
oraclelinux
oraclelinux
libnbd security update
2024-05-02 00:00:00
redhat
redhat
(RHSA-2024:2204) Moderate: libnbd security update
2024-04-30 06:15:02
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
22.9%
Related for CVELIST:CVE-2023-5871