Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2022-26496

Published: 06/03/2022 Updated: 04/02/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Network Block Device Project

Vulnerability Summary

In nbd-server in nbd prior to 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

network block device project network block device

debian debian linux 10.0

debian debian linux 11.0

fedoraproject fedora 34

fedoraproject fedora 35

fedoraproject fedora 36

Vendor Advisories

Debian CVElist Bug Report Logs: security issues in nbd-server: CVE-2022-26495 CVE-2022-26496
Debian Bug report logs - #1006915 security issues in nbd-server: CVE-2022-26495 CVE-2022-26496 Package: src:nbd; Maintainer for src:nbd is Wouter Verhelst <wouter@debianorg>; Reported by: Wouter Verhelst <wouter@debianorg> Date: Tue, 8 Mar 2022 08:09:01 UTC Severity: serious Tags: fixed-upstream, security, upstrea ...
Debian Security Advisories: DSA-5100-1 nbd -- security update
Two vulnerabilities were discovered in the server for the Network Block Device (NBD), which could result in the execution of arbitrary code For the oldstable distribution (buster), these problems have been fixed in version 1:319-3+deb10u1 For the stable distribution (bullseye), these problems have been fixed in version 1:321-1+deb11u1 We recom ...

Exploits

Exploit DB: Shannon Baseband fmtp SDP Attribute Memory Corruption
Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffer using memcpy with the length of payload type as the length parameter There are no checks that the pa ...

References

CWE-787https://sourceforge.net/projects/nbd/files/nbd/https://lists.debian.org/nbd/2022/01/msg00037.htmlhttps://lists.debian.org/nbd/2022/01/msg00036.htmlhttps://www.debian.org/security/2022/dsa-5100http://packetstormsecurity.com/files/172148/Shannon-Baseband-fmtp-SDP-Attribute-Memory-Corruption.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZHR73XMAJTCFGKUZRXVTZKCK2X3IFNA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU5JFD4PEJED72TZLZ5R2Q2SFXICU5I5/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G2UPX62BIWOOHSACGUDB7E3O4URNN37F/https://security.gentoo.org/glsa/202402-10https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006915https://www.debian.org/security/2022/dsa-5100https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook