VDB
GCVE-110-MAGEIA-2022-403
GCVE-110-MAGEIA-2022-403
Advisory Published
It was discovered that nbd prior to 3.24 contained an integer overflow
with a resultant heap-based buffer overflow. A value of 0xffffffff in the
name length field will cause a zero-sized buffer to be allocated for the
name resulting in a write to a dangling pointer (CVE-2022-26495).
Stack-based buffer overflow. An attacker can cause a buffer overflow in
the parsing of the name field by sending a crafted NBD_OPT_INFO or
NBD_OPT_GO message with an large value as the length of the name.
(CVE-2022-26496)
Packaging has been adjusted to create the required nbd user and group at
installation.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nbd | 0 (affected), 3.24-1.2.mga8 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.