libnbd-security - information about past security issues in libnbd
This page details past security issues found in libnbd.
For how to report new security issues, see the SECURITY
file in the top level source directory, also available online here: https://gitlab.com/nbdkit/libnbd/blob/master/SECURITY
See the full announcement and links to mitigation, tests and fixes here: https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html
See the full announcement here: https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html
CVE-2021-20286 denial of service when using nbd_set_opt_mode(3)
See the full announcement here: https://listman.redhat.com/archives/libguestfs/2021-March/msg00092.html
CVE-2022-0485 silent data corruption when using nbdcopy(1)
See the full announcement here: https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html
See the full announcement here: https://www.redhat.com/archives/libguestfs/2023-July/032035.html
Eric Blake
Richard W.M. Jones
Copyright Red Hat