6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
10.4%
libnbd is vulnerable to Insecure Data Handling. The vulnerability is due to nbd_unlocked_get_size
function not sanitizing/checking data that sizes larger than INT64_MAX
. This could lead to potential Denial of service.
CPE | Name | Operator | Version |
---|---|---|---|
libnbd.so | eq | 0.0.0 | |
libnbd.so | eq | 0.0.0 | |
libnbd:edge | eq | 1.6.5-r0 | |
libnbd:edge | eq | 1.16.0-r0 | |
libnbd:edge | eq | 1.14.1-r0 | |
libnbd:edge | eq | 1.10.5-r0 | |
libnbd:edge | eq | 1.14.1-r1 | |
libnbd:edge | eq | 1.6.5-r1 |