NBD Tools: Buffer overflow in NBD server — GLSA 200512-14

The NBD server is vulnerable to a buffer overflow that may result in the execution of arbitrary code.

Affected packages

sys-block/nbd on all architectures
Affected versions < 2.8.2-r1
Unaffected versions >= 2.8.2-r1

Background

The NBD Tools are the Network Block Device utilities allowing one to use remote block devices over a TCP/IP network. It includes a userland NBD server.

Description

Kurt Fitzner discovered that the NBD server allocates a request buffer that fails to take into account the size of the reply header.

Impact

A remote attacker could send a malicious request that can result in the execution of arbitrary code with the rights of the NBD server.

Workaround

There is no known workaround at this time.

Resolution

All NBD Tools users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-block/nbd-2.8.2-r1"

References

Release date
December 23, 2005

Latest revision
December 23, 2005: 01

Severity
high

Exploitable
remote

Bugzilla entries