CVE-2011-1925 — NBD vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

1.4%

top 19.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wouter Verhelst NBD Debian NBD

Timeline

PublishedMay 31

Latest updateMay 17

Description

nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/nbd< nbd 1:2.9.22-1 (bookworm)

▶Debianwouter_verhelst/nbd< 1:2.9.22-1+3

▶NVDwouter_verhelst/nbd2.9.21

🔴Vulnerability Details

GHSA

GHSA-4c65-9qmh-v9h5: nbd-server↗2022-05-17

▶

OSV

CVE-2011-1925: nbd-server↗2011-05-31

▶

📋Vendor Advisories

Debian

CVE-2011-1925: nbd - nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers...↗2011

▶