Advisories » MGASA-2022-0403

Updated nbd packages fix security vulnerability

Publication date: 01 Nov 2022
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-26495, CVE-2022-26496

Description

It was discovered that nbd prior to 3.24 contained an integer overflow
with a resultant heap-based buffer overflow. A value of 0xffffffff in the
name length field will cause a zero-sized buffer to be allocated for the
name, resulting in a write to a dangling pointer (CVE-2022-26495).

Stack-based buffer overflow. An attacker can cause a buffer overflow in
the parsing of the name field by sending a crafted NBD_OPT_INFO or
NBD_OPT_GO message with a large value as the length of the name
(CVE-2022-26496).
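The bug class behind both issues, shown as an added example that is not nbd's own code: a 32-bit "length + 1" wraps to zero for 0xffffffff, and a bounds check on the length field before any allocation or copy prevents both the heap and the stack case. The function names, the payload layout (4-byte big-endian length followed by the name) and the 4096-byte cap are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define MAX_NAME_LEN 4096u  /* assumed cap for this example */

/* The arithmetic behind the first issue: a 32-bit "length + 1" wraps to 0
 * when the length field is 0xffffffff, so the allocator is asked for 0 bytes. */
static uint32_t unchecked_alloc_size(uint32_t namelen) {
    return namelen + 1u;   /* unsigned wraparound is well defined in C */
}

/* Read a big-endian 32-bit value from untrusted bytes. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Hardened parse of a length-prefixed name (hypothetical helper).
 * Returns a NUL-terminated heap copy (caller frees) or NULL on malformed
 * input. Every size is validated before it is used. */
static char *parse_name(const uint8_t *payload, size_t payload_len) {
    if (payload == NULL || payload_len < 4)
        return NULL;                        /* no room for the length field */
    uint32_t namelen = be32(payload);
    if (namelen > MAX_NAME_LEN)
        return NULL;                        /* rejects 0xffffffff and other huge values */
    if ((size_t)namelen > payload_len - 4)
        return NULL;                        /* name would run past the payload */
    char *name = malloc((size_t)namelen + 1);   /* cannot wrap: namelen <= 4096 */
    if (name == NULL)
        return NULL;
    memcpy(name, payload + 4, namelen);
    name[namelen] = '\0';
    return name;
}

int main(void) {
    const uint8_t ok[]  = {0, 0, 0, 3, 'd', 'e', 'v'};       /* constructed sample */
    const uint8_t bad[] = {0xff, 0xff, 0xff, 0xff, 'x'};     /* constructed sample */
    char *n = parse_name(ok, sizeof ok);
    int rc = (n && strcmp(n, "dev") == 0 && !parse_name(bad, sizeof bad)) ? 0 : 1;
    free(n);
    return rc;
}
```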

Packaging has been adjusted to create the required nbd user and group at
installation.
                

References

SRPMS

8/core