Networkblockdeviceproject Network Block Device
By the Year
In 2024 there have been 0 vulnerabilities in Networkblockdeviceproject Network Block Device . Network Block Device did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 9.80 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Network Block Device vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Networkblockdeviceproject Network Block Device Security Vulnerabilities
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow
CVE-2022-26496
9.8 - Critical
- March 06, 2022
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.
Memory Corruption
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow
CVE-2022-26495
9.8 - Critical
- March 06, 2022
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages.
Integer Overflow or Wraparound
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fedora Project Fedora or by Networkblockdeviceproject? Click the Watch button to subscribe.
