Lucene search

K
rosalinuxROSA LABROSA-SA-2024-2327
HistoryJan 23, 2024 - 12:24 p.m.

Advisory ROSA-SA-2024-2327

2024-01-2312:24:39
ROSA LAB
abf.rosalinux.ru
2
libnbd library
rosa virtualization
cve-2022-0485
exception handling flaw
remote attacker
corrupt target images
yum update

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.6%

Software: libnbd 1.6.0
OS: ROSA Virtualization 2.1

package_evr_string: libnbd-1.6.0-5.rv3.src.rpm

CVE-ID: CVE-2022-0485
BDU-ID: 2022-01701
CVE-Crit: LOW
CVE-DESC.: A vulnerability in the libnbd library’s nbdcopy tool is related to an exception handling flaw. Exploitation of the vulnerability could allow an attacker acting remotely to automatically create corrupt target images
CVE-STATUS: Fixed
CVE-REV: To close, run yum update libnbd

OSVersionArchitecturePackageVersionFilename
ROSAanynoarchlibnbd<Β 1.6.0UNKNOWN