CVE-2022-26496

🗓️ 06 Mar 2022 06:15:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 26 Views

nbd-server stack-based buffer overflow CVE-2022-2649

Reporter	Title	Published	Views	Family All 46
ATTACKERKB	CVE-2022-26496	6 Mar 202206:15	–	attackerkb
AlpineLinux	CVE-2022-26496	6 Mar 202200:00	–	alpinelinux
AstraLinux	Astra Linux – Vulnerability in NBD	19 Jun 202611:10	–	astralinux
BDU FSTEC	The vulnerability of the nbd network device implementation lies in the overflow of the buffer in the stack, allowing an attacker to execute arbitrary code.	31 Mar 202200:00	–	bdu_fstec
CNNVD	nbd 缓冲区错误漏洞	6 Mar 202200:00	–	cnnvd
CNVD	nbd buffer overflow vulnerability	8 Mar 202200:00	–	cnvd
CVE	CVE-2022-26496	6 Mar 202200:00	–	cve
Cvelist	CVE-2022-26496	6 Mar 202200:00	–	cvelist
Debian	[SECURITY] [DSA 5100-1] nbd security update	12 Mar 202216:00	–	debian
Debian CVE	CVE-2022-26496	6 Mar 202200:00	–	debiancve

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	21.10	any	nbd	1:3.21-1ubuntu0.1	nbd_1:3.21-1ubuntu0.1_any.deb
Ubuntu	18.04	any	nbd	1:3.16.2-1ubuntu0.2	nbd_1:3.16.2-1ubuntu0.2_any.deb
Ubuntu	20.04	any	nbd	1:3.20-1ubuntu0.1	nbd_1:3.20-1ubuntu0.1_any.deb
Ubuntu	22.10	any	nbd	1:3.23-3ubuntu1	nbd_1:3.23-3ubuntu1_any.deb
Ubuntu	23.04	any	nbd	1:3.23-3ubuntu1	nbd_1:3.23-3ubuntu1_any.deb
Ubuntu	14.04	any	nbd	0	nbd_0_any.deb
Ubuntu	22.04	any	nbd	1:3.23-3ubuntu1	nbd_1:3.23-3ubuntu1_any.deb
Ubuntu	16.04	any	nbd	0	nbd_0_any.deb
Ubuntu	23.10	any	nbd	1:3.23-3ubuntu1	nbd_1:3.23-3ubuntu1_any.deb
Ubuntu	24.04	any	nbd	1:3.23-3ubuntu1	nbd_1:3.23-3ubuntu1_any.deb

Source	Link
lists	www.lists.debian.org/nbd/2022/01/msg00036.html
lists	www.lists.debian.org/nbd/2022/01/msg00037.html
sourceforge	www.sourceforge.net/projects/nbd/files/nbd/
ubuntu	www.ubuntu.com/security/notices/USN-5323-1
cve	www.cve.org/CVERecord

18 Aug 2025 17:19Current

7.6High risk

Vulners AI Score7.6

CVSS 27.5

CVSS 3.19.8

EPSS0.0347

nbd-server buffer overflow cve-2022-26496 nbd protocol debian unix