Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5100-1:0993A
HistoryMar 12, 2022 - 4:00 p.m.

[SECURITY] [DSA 5100-1] nbd security update

2022-03-1216:00:24
lists.debian.org
26
nbd
security update
debian
cve-2022-26495
cve-2022-26496
execution of arbitrary code
oldstable distribution
stable distribution
upgrade
security tracker

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.005

Percentile

75.2%

JSON

Debian Security Advisory DSA-5100-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
March 12, 2022 https://www.debian.org/security/faq

Package : nbd
CVE ID : CVE-2022-26495 CVE-2022-26496
Debian Bug : 1003863 1006915

Two vulnerabilities were discovered in the server for the Network Block
Device (NBD), which could result in the execution of arbitrary code.

For the oldstable distribution (buster), these problems have been fixed
in version 1:3.19-3+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 1:3.21-1+deb11u1.

We recommend that you upgrade your nbd packages.

For the detailed security status of nbd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nbd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10armhfnbd-client-udeb< 1:3.19-3+deb10u1nbd-client-udeb_1:3.19-3+deb10u1_armhf.deb
Debian11armelnbd-client-dbgsym< 1:3.21-1+deb11u1nbd-client-dbgsym_1:3.21-1+deb11u1_armel.deb
Debian11i386nbd-client< 1:3.21-1+deb11u1nbd-client_1:3.21-1+deb11u1_i386.deb
Debian10amd64nbd-client-udeb< 1:3.19-3+deb10u1nbd-client-udeb_1:3.19-3+deb10u1_amd64.deb
Debian10mipselnbd-client< 1:3.19-3+deb10u1nbd-client_1:3.19-3+deb10u1_mipsel.deb
Debian10amd64nbd-server-dbgsym< 1:3.19-3+deb10u1nbd-server-dbgsym_1:3.19-3+deb10u1_amd64.deb
Debian11armelnbd-server< 1:3.21-1+deb11u1nbd-server_1:3.21-1+deb11u1_armel.deb
Debian11amd64nbd-server< 1:3.21-1+deb11u1nbd-server_1:3.21-1+deb11u1_amd64.deb
Debian11arm64nbd-server-dbgsym< 1:3.21-1+deb11u1nbd-server-dbgsym_1:3.21-1+deb11u1_arm64.deb
Debian9armhfnbd-client< 1:3.15.2-3+deb9u1nbd-client_1:3.15.2-3+deb9u1_armhf.deb
Rows per page:
1-10 of 1131

Related

openvas 8
nessus 5
suse 1
mageia 1
osv 6
ubuntu 1
fedora 3
redos 1
gentoo 1
cvelist 2
debian 1
alpinelinux 2
debiancve 2
nvd 2
packetstorm 1
prion 2
ubuntucve 2
cve 2
openvas
openvas
Debian: Security Advisory (DSA-5100-1)
2022-03-15 00:00:00
Mageia: Security Advisory (MGASA-2022-0403)
2022-11-02 00:00:00
openSUSE: Security Advisory for nbd (SUSE-SU-2022:1276-1)
2022-04-21 00:00:00
nessus
nessus
Debian DSA-5100-1 : nbd - security update
2022-03-14 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : NBD vulnerabilities (USN-5323-1)
2022-03-14 00:00:00
openSUSE 15 Security Update : nbd (SUSE-SU-2022:1276-1)
2023-01-20 00:00:00
suse
suse
Security update for nbd (important)
2022-04-20 00:00:00
mageia
mageia
Updated nbd packages fix security vulnerability
2022-11-02 01:58:59
osv
osv
nbd - security update
2022-03-12 00:00:00
nbd vulnerabilities
2022-03-14 10:54:31
CVE-2022-26496
2022-03-06 06:15:07
ubuntu
ubuntu
NBD vulnerabilities
2022-03-14 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: nbd-3.24-1.fc34
2022-03-16 15:59:44
[SECURITY] Fedora 36 Update: nbd-3.24-1.fc36
2022-03-26 15:43:49
[SECURITY] Fedora 35 Update: nbd-3.24-1.fc35
2022-03-16 16:26:09
redos
redos
ROS-20220329-04
2022-03-29 00:00:00
gentoo
gentoo
NBD Tools: Multiple Vulnerabilities
2024-02-04 00:00:00
cvelist
cvelist
CVE-2022-26496
2022-03-06 00:00:00
CVE-2022-26495
2022-03-06 00:00:00
debian
debian
[SECURITY] [DLA 2944-1] nbd security update
2022-03-10 17:44:53
alpinelinux
alpinelinux
CVE-2022-26495
2022-03-06 06:15:07
CVE-2022-26496
2022-03-06 06:15:07
debiancve
debiancve
CVE-2022-26496
2022-03-06 06:15:07
CVE-2022-26495
2022-03-06 06:15:07
nvd
nvd
CVE-2022-26496
2022-03-06 06:15:07
CVE-2022-26495
2022-03-06 06:15:07
packetstorm
packetstorm
Shannon Baseband fmtp SDP Attribute Memory Corruption
2023-05-04 00:00:00
prion
prion
Stack overflow
2022-03-06 06:15:00
Integer overflow
2022-03-06 06:15:00
ubuntucve
ubuntucve
CVE-2022-26496
2022-03-06 00:00:00
CVE-2022-26495
2022-03-06 00:00:00
cve
cve
CVE-2022-26496
2022-03-06 06:15:07
CVE-2022-26495
2022-03-06 06:15:07

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.005

Percentile

75.2%

JSON
Related for DEBIAN:DSA-5100-1:0993A
openvas8nessus5suse1mageia1osv6ubuntu1fedora3redos1gentoo1cvelist2debian1alpinelinux2debiancve2nvd2packetstorm1prion2ubuntucve2cve2