| ID | CVE-2022-26495 | ||||||
| Sažetak | In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:N/C:P/I:P/A:P | ||||||
| Zadnje važnije ažuriranje | 04-02-2024 - 11:15 | ||||||
| Objavljeno | 06-03-2022 - 06:15 |
