48 matches found
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50118)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50118 advisory. - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501...
CVE-2025-40080
CVE-2025-40080 affects the Linux kernel NBD subsystem, where sockets were restricted to TCP/UDP. The root cause was mitigated by a commit that verifies the socket type during setup and ensures the socket supports shutdown(), explicitly accepting TCP and UNIX stream sockets. Public advisories indi...
EUVD-2019-5966
Malware in sbrugna...
[SECURITY] Fedora 41 Update: nbdkit-1.40.6-1.fc41
NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...
[SECURITY] Fedora 42 Update: nbdkit-1.42.3-1.fc42
NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...
Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...
libnbd security update
An update is available for libnbd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Block Device NBD is a protocol for accessing Block Devices hard disks...
RLSA-2024:6757 Moderate: libnbd security update
Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: NBD server improper certificate validation CVE-2024-7383 For more details about the securit...
ROS-20240923-07
NBD protocol vulnerability in libnbd library is related to incorrect verification of NBD server certificate when using TLS to connect to NBD server. using TLS to connect to the NBD server. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the integrity of the...
ALSA-2024:6757 Moderate: libnbd security update
Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: NBD server improper certificate validation CVE-2024-7383 For more details about the securit...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12604)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12604 advisory. - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves: rhbz2045718 - Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. -...
[SECURITY] Fedora 40 Update: libnbd-1.20.2-1.fc40
NBD =E2=80=94 Network Block Device =E2=80=94 is a protocol for accessing Bloc k Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and asynchronous APIs, both for ease of...
Moderate: Red Hat Security Advisory: libnbd security update
An update for libnbd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: libnbd security update
Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: Malicious NBD server may crash libnbd CVE-2023-5871 libnbd: Crash or misbehaviour when NBD...
ALSA-2024:2204 Moderate: libnbd security update
Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: Malicious NBD server may crash libnbd CVE-2023-5871 libnbd: Crash or misbehaviour when NBD...
UBUNTU-CVE-2023-5871
A flaw was found in libnbd, due to a malicious Network Block Device NBD, a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service...
CVE-2023-5871 Libnbd: malicious nbd server may crash libnbd
A flaw was found in libnbd, due to a malicious Network Block Device NBD, a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service...
Denial Of Service
libnbd is vulnerable to Denial of Service DoS. The vulnerability is due to a flaw in the handling of 64-bit extended headers in the NBD protocol when dealing with large flag values in the server's reply to the NBDCMDBLOCKSTATUS command...
nbdkit bug fix update
An update is available for nbdkit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Block Device NBD is a protocol for accessing hard disks and other...
CVE-2022-26496
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBDOPTINFO or NBDOPTGO message with an large value as the length of the name...