CVE-2022-26496
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
06/03/2022
Last modified:
04/02/2024
Description
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:network_block_device_project:network_block_device:*:*:*:*:*:*:*:* | 3.24 (excluding) | |
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/172148/Shannon-Baseband-fmtp-SDP-Attribute-Memory-Corruption.html
- https://lists.debian.org/nbd/2022/01/msg00036.html
- https://lists.debian.org/nbd/2022/01/msg00037.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G2UPX62BIWOOHSACGUDB7E3O4URNN37F/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZHR73XMAJTCFGKUZRXVTZKCK2X3IFNA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU5JFD4PEJED72TZLZ5R2Q2SFXICU5I5/
- https://security.gentoo.org/glsa/202402-10
- https://sourceforge.net/projects/nbd/files/nbd/
- https://www.debian.org/security/2022/dsa-5100