CVE-2005-3534 — Improper Restriction of Operations within the Bounds of a Memory Buffer in NBD

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents5 sources

Severity

7.5HIGHNVD

EPSS

13.9%

top 5.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wouter Verhelst NBD Debian NBD

Timeline

PublishedDec 22

Latest updateMay 17

Description

Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/nbd< nbd 1:2.9.16-8 (bookworm)+1

▶Debianwouter_verhelst/nbd< 1:2.8.3-1+7

▶NVDwouter_verhelst/nbd2.7.5+22

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-8p8p-8qmp-rfr2: Buffer overflow in the mainloop function in nbd-server↗2022-05-17

▶

GHSA

GHSA-96w8-f5p6-mqmw: Buffer overflow in the Network Block Device (nbd) server 2↗2022-05-01

▶

OSV

CVE-2011-0530: Buffer overflow in the mainloop function in nbd-server↗2011-02-22

▶

OSV

CVE-2005-3534: Buffer overflow in the Network Block Device (nbd) server 2↗2005-12-22

▶

📋Vendor Advisories

Debian

CVE-2011-0530: nbd - Buffer overflow in the mainloop function in nbd-server.c in the server in Networ...↗2011

▶

Debian

CVE-2005-3534: nbd - Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and ...↗2005

▶

💬Community

Bugzilla

CVE-2011-0530 NBD: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version↗2011-01-28

▶

Bugzilla

NBD: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version [fedora-all]↗2011-01-28

▶