CVE-2022-0485

A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image.

References

Affected packages

Git / github.com/libguestfs/libnbd

Affected ranges

Type

GIT

Repo

https://github.com/libguestfs/libnbd

Events

Introduced

Fixed

58e0c284e5ebcff101cd3b1f8fc7232f68202b66

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.11.8"
        }
    ]
}

Type
Repo: https://gitlab.com/nbdkit/libnbd
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8d444b41d09a700c7ee6f9182a649f3f2d325abb

Affected versions

v0.*

v0.1

v0.1.1

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.9.6

v0.9.7

v0.9.8

v0.9.9

v1.*

v1.0.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.1.5

v1.1.6

v1.1.7

v1.1.8

v1.1.9

v1.10.0

v1.11.1

v1.11.2

v1.11.3

v1.11.4

v1.11.5

v1.11.6

v1.11.7

v1.2.0

v1.3.1

v1.3.10

v1.3.11

v1.3.12

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.5.8

v1.5.9

v1.6.0

v1.7.1

v1.7.10

v1.7.11

v1.7.12

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.7.7

v1.7.8

v1.7.9

v1.8.0

v1.9.1

v1.9.2

v1.9.3

v1.9.4

v1.9.5

v1.9.6

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0485.json"