Nixpkgs security tracker

Untriaged

Permalink CVE-2023-5871

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 8 months, 2 weeks ago

Libnbd: malicious nbd server may crash libnbd

A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service.

References

RHSA-2024:2204 vendor-advisoryx_transferredx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5871 x_transferredvdb-entryx_refsource_REDHAT
RHBZ#2247308 x_transferredissue-trackingx_refsource_REDHAT
https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/… x_transferred

Affected products

libnbd

*
==1.18.2

virt:rhel/libnbd

Matching in nixpkgs

pkgs.libnbd

Network Block Device client library in userspace

nixos-unstable 1.22.1
- nixpkgs-unstable 1.22.1
- nixos-unstable-small 1.22.1

pkgs.python311Packages.libnbd

Network Block Device client library in userspace

nixos-unstable 1.20.2
- nixpkgs-unstable 1.20.2
- nixos-unstable-small 1.20.2

pkgs.python312Packages.libnbd

Network Block Device client library in userspace

nixos-unstable 1.22.1
- nixpkgs-unstable 1.22.1
- nixos-unstable-small 1.22.1

pkgs.python313Packages.libnbd

Network Block Device client library in userspace

nixos-unstable 1.22.1
- nixpkgs-unstable 1.22.1
- nixos-unstable-small 1.22.1

Package maintainers

@akshatagarwl Akshat Agarwal <humancalico@disroot.org>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.libnbd

pkgs.python311Packages.libnbd

pkgs.python312Packages.libnbd

pkgs.python313Packages.libnbd

Package maintainers