Updated nbd packages fix security vulnerabilityPublication date: 01 Nov 2022
Affected Mageia releases : 8
CVE: CVE-2022-26495 , CVE-2022-26496
It was discovered that nbd prior to 3.24 contained an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name resulting in a write to a dangling pointer (CVE-2022-26495). Stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name. (CVE-2022-26496) Packaging has been adjusted to create the required nbd user and group at installation.