CVE-2015-0847

Published: 29 May 2015

nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.

Priority

Status

Package	Release	Status
nbd Launchpad, Ubuntu, Debian	upstream	Released (1:3.10-1)
	precise	Released (1:2.9.25-2ubuntu1.1)
	trusty	Released (1:3.7-1ubuntu0.1)
	utopic	Released (1:3.8-1ubuntu0.1)
	vivid	Released (1:3.8-4ubuntu0.1)
	Patches: upstream: http://sourceforge.net/p/nbd/mailman/message/34091218/ vendor: http://anonscm.debian.org/cgit/users/wouter/nbd.git/commit/?id=1c1481ee6faea00f32b9c83aa67e7cd70d15dad1 (wheezy) upstream: https://github.com/yoe/nbd/commit/412defe42d03be842c80d21dccf405c435b18432

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784657

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›