11 matches found
Fedora 37 : nbd (2022-e1ce6f6d88)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e1ce6f6d88 advisory. Automatic update for nbd-3.24-1.fc37. Changelog Tue Mar 8 2022 Robin Lee 3.24-1 - Update to 3.24: fix CVE-2022-26495RHBZ2061541,...
openSUSE 15 Security Update : nbd (SUSE-SU-2022:1276-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1276-1 advisory. - In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name lengt...
openSUSE: Security Advisory for nbd (SUSE-SU-2022:1276-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for nbd (FEDORA-2022-263873fb70)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for nbd (FEDORA-2022-62adf9a1e0)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian DSA-5100-1 : nbd - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5100 advisory. - In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field...
[SECURITY] [DSA 5100-1] nbd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5100-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2022 https://www.debian.org/security/faq -...
Debian: Security Advisory (DLA-2944-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2944-1] nbd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2944-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 10, 2022 https://wiki.debian.org/LTS -...
CVE-2022-26495
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBDOPTINFO,...
CVE-2022-26495
The CVE-2022-26495 issue affects the NBD Tools’ server (nbd-server) in versions before 3.24, caused by an integer overflow in the name length handling that yields a heap-based buffer overflow. Specifically, a name length value of 0xffffffff can allocate a zero-sized buffer for the name, leading t...