RedosROS-20220329-04ROS-20220329-04
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
75.2%
Vulnerability in nbd network block device implementation, related to stack-based buffer overflow during
NBD_OPT_INFO or NBD_OPT_GO messages. Exploitation of the vulnerability could allow an attacker,
acting remotely and not authenticated, to pass specially crafted data to an application, causing a buffer overflow.
application, cause a stack-based buffer overflow, and execute arbitrary code on the target system
Vulnerability in nbd network block device implementation, related to integer overflow during processing of
NBD_OPT_INFO, NBD_OPT_GO and NBD_OPT_EXPORT_NAME messages. Exploitation of the vulnerability could allow
an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and perform an
integer overflow and execute arbitrary code on the target system
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
75.2%