Vulnerability CVE-2015-0847: Information

Description

nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.

Severity: HIGH (7.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-0847
Published: May 29, 2015
Modified: Dec. 31, 2016
Error type identifier: CWE-17

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
nbdsisyphus3.20-alt13.25-alt3ALT-PU-2020-3164-1260627Fixed
nbdp103.20-alt13.25-alt3ALT-PU-2020-3164-1260627Fixed
nbdp93.20-alt13.20-alt1ALT-PU-2020-3187-1260630Fixed
nbdc10f13.20-alt13.20-alt1ALT-PU-2020-3164-1260627Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling
    http://sourceforge.net/projects/nbd/files/nbd/3.11/
    • Patch
    DSA-3271
      [oss-security] 20150507 CVE-2015-0847 in nbd-server
        USN-2676-1
          openSUSE-SU-2015:0994

              1. Configuration 1

                cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

                Configuration 2

                cpe:2.3:a:wouter_verhelst:nbd:*:*:*:*:*:*:*:*
                End including
                3.10
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.4.2
            Back to top