MGASA-2024-0174

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0174.html

Import Source

https://advisories.mageia.org/MGASA-2024-0174.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2024-0174

Related

CVE-2023-5215

Published

2024-05-10T16:09:48Z

Modified

2024-05-10T15:29:43Z

Summary

Updated libnbd packages fix security vulnerability

Details

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbdgetsize() function correctly. (CVE-2023-5215)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / libnbd

Package

Name: libnbd
Purl: pkg:rpm/mageia/libnbd?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.15.8-3.1.mga9

Ecosystem specific

{
    "section": "core"
}