Lucene search

K
redhatcveRedhat.comRH:CVE-2022-0485
HistoryFeb 03, 2022 - 5:53 p.m.

CVE-2022-0485

2022-02-0317:53:07
redhat.com
access.redhat.com
21

0.001 Low

EPSS

Percentile

49.6%

A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image.

Mitigation

Use of nbdcopy --synchronous will avoid undetected data corruption, but comes at a potential performance cost by avoiding the speed benefits of asynchronous operations. See the upstream security advisory for more information.