Debian Nbd vulnerabilities

8 known vulnerabilities affecting debian/nbd.

Total CVEs: 8
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 5, MEDIUM 1

Vulnerabilities

CVE-2022-26495 [CRITICAL] CVSS 9.8 - fixed in nbd 1:3.24-1 (bookworm) - 2022
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages.
Scope: local; bookworm:
debian
CVE-2022-26496 [CRITICAL] CVSS 9.8 - fixed in nbd 1:3.24-1 (bookworm) - 2022
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with a large value as the length of the name.
Scope: local; bookworm: resolved (fixed in 1:3.24-1); bullseye: resolved (fixed in 1:3.21-1+deb11u1); forky: resolved (fi
debian
CVE-2015-0847 [HIGH] CVSS 7.8 - fixed in nbd 1:3.10-1 (bookworm) - 2015
nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
Scope: local; bookworm: resolved (fixed in 1:3.10-1); bullseye: resolved (fixed in 1:3.10-1); forky: resolved (fixed in 1:3.10-1); sid: resolved (fixed in 1:3.10-1); trixie: resolved (fixe
debian
CVE-2013-7441 [HIGH] CVSS 7.8 - fixed in nbd 1:3.4-1 (bookworm) - 2013
The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
Scope: local; bookworm: resolved (fixed in 1:3.4-1); bullseye: resolved (fixed in 1:3.4-1); forky: resolved (fi
debian
CVE-2013-6410 [HIGH] CVSS 7.5 - fixed in nbd 1:3.5-1 (bookworm) - 2013
nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.
Scope: local; bookworm: resolved (fixed in 1:3.5-1); bullseye: resolved (fixed in 1:3.5-1); forky: resolved (fixed in 1:3.5-1); sid: re
debian
CVE-2011-0530 [HIGH] CVSS 7.5 - fixed in nbd 1:2.9.16-8 (bookworm) - 2011
Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.
Scope: local; bookworm: resolved (fixed in 1:2.9.16-8); bullseye: resolved (fixed in 1:2.9.16-8); forky: resolved (fixed in
debian
CVE-2011-1925 [MEDIUM] CVSS 5.0 - fixed in nbd 1:2.9.22-1 (bookworm) - 2011
nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export.
Scope: local; bookworm: resolved (fixed in 1:2.9.22-1); bullseye: resolved (fixed in 1:2.9.22-1); forky: resolved (fixed in 1:2.9.
debian
CVE-2005-3534 [HIGH] CVSS 7.5 - fixed in nbd 1:2.8.3-1 (bookworm) - 2005
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
Scope: local; bookworm: resolved (fixed in 1:2.8.3-1); bullseye: resolved (fixed in 1:2.8.3-1
debian