MEDIUM🇵🇱 Wersja polska

CVE-2023-5215

CVSS 5.3v3.1pub. 2023-09-28upd. 2024-11-21

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.

CVSS Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Red Hat Enterprise Linux

    OS
    Redhat
    8.09.0
  • Red Hat Libnbd

    APP
    Redhat
    < 1.18.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2018-14667CRITICAL9.8⚠ KEVten sam produkt

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...

CVE-2014-7169CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...

CVE-2014-6271CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...