7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.4 Medium
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.9%
Package : nbd
Version : 1:2.9.16-8+squeeze2
CVE ID : CVE-2015-0847
Debian Bug : 784657
A vulnerability has been discovered in nbd-server, the server for the
Linux Network Block Device.
CVE-2015-0847
Tuomas Räsänen discovered that unsafe signal handling is present in
nbd-server. This vulnerability could be exploited by a remote client
to cause a denial of service.
For the oldoldstable distribution (squeeze), these problems have been
fixed in version 1:2.9.16-8+squeeze2.
For the oldstable, stable, and testing distributions, these problems
will be fixed soon.
We recommend that you upgrade your nbd-server packages.
–
Wouter Verhelst
Attachment:
signature.asc
Description: Digital signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | nbd | < 1:2.9.16-8+squeeze2 | nbd_1:2.9.16-8+squeeze2_all.deb |
Debian | 7 | mipsel | nbd-server | < 1:3.2-4~deb7u5 | nbd-server_1:3.2-4~deb7u5_mipsel.deb |
Debian | 8 | mips | nbd-client | < 1:3.8-4+deb8u1 | nbd-client_1:3.8-4+deb8u1_mips.deb |
Debian | 7 | armel | nbd-client-udeb | < 1:3.2-4~deb7u5 | nbd-client-udeb_1:3.2-4~deb7u5_armel.deb |
Debian | 8 | armel | nbd-server | < 1:3.8-4+deb8u1 | nbd-server_1:3.8-4+deb8u1_armel.deb |
Debian | 7 | s390x | nbd-client-udeb | < 1:3.2-4~deb7u5 | nbd-client-udeb_1:3.2-4~deb7u5_s390x.deb |
Debian | 7 | sparc | nbd-client-udeb | < 1:3.2-4~deb7u5 | nbd-client-udeb_1:3.2-4~deb7u5_sparc.deb |
Debian | 7 | armhf | nbd-server | < 1:3.2-4~deb7u5 | nbd-server_1:3.2-4~deb7u5_armhf.deb |
Debian | 6 | amd64 | nbd-server | < 1:2.9.16-8+squeeze2 | nbd-server_1:2.9.16-8+squeeze2_amd64.deb |
Debian | 7 | ia64 | nbd-server | < 1:3.2-4~deb7u5 | nbd-server_1:3.2-4~deb7u5_ia64.deb |