Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:6757

Опубликовано: 30 сент. 2024
Источник: rocky
Оценка: Moderate

Описание

Moderate: libnbd security update

Network Block Device (NBD) is a protocol for accessing Block Devices (hard disks and disk-like devices) over a Network. The libnbd is a userspace client library for writing NBD clients.

Security Fix(es):

  • libnbd: NBD server improper certificate validation (CVE-2024-7383)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
libnbdx86_644.el9_4libnbd-1.18.1-4.el9_4.x86_64.rpm
libnbd-bash-completionnoarch4.el9_4libnbd-bash-completion-1.18.1-4.el9_4.noarch.rpm
nbdfusex86_644.el9_4nbdfuse-1.18.1-4.el9_4.x86_64.rpm
python3-libnbdx86_644.el9_4python3-libnbd-1.18.1-4.el9_4.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-7383

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-7383

CVSS3: 7.4
ubuntu
11 месяцев назад

A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.

redhat логотип

CVE-2024-7383

CVSS3: 7.4
redhat
12 месяцев назад

A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.

nvd логотип

CVE-2024-7383

CVSS3: 7.4
nvd
11 месяцев назад

A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.

msrc логотип

CVE-2024-7383

CVSS3: 7.4
msrc
8 месяцев назад

Описание отсутствует

debian логотип

CVE-2024-7383

CVSS3: 7.4
debian
11 месяцев назад

A flaw was found in libnbd. The client did not always correctly verify ...