Описание
A vulnerability was found in the Linux kernel's Network Block Device (NBD) subsystem. The issue involved a potential integer overflow in the nbd_dev_add() function, where large values of the index parameter could lead to incorrect calculations of the first_minor value. This miscalculation may result in the creation of duplicate device entries in the sysfs filesystem, causing system instability or other unintended behaviors.
Отчет
This CVE has since been rejected by its CVE Numbering Authority (CNA), kernel.org. According to the National Vulnerability Database (NVD), the rejection indicates that the CVE ID has been withdrawn and should not be used as a reference for this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel | Affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected |
Показывать по
Дополнительная информация
Статус:
6.7 Medium
CVSS3
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.7 Medium
CVSS3