Source: nbd Version: 1:3.23-3 Severity: serious Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Two security issues exist in NBD: CVE-2022-26495 and CVE-2022-26496. The former exists since a very long time; the latter only exists since the introduction of NBD_OPT_INFO and NBD_OPT_GO in NBD 3.16. -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (990, 'testing'), (500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386, riscv64, armhf Kernel: Linux 5.16.0-3-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8), LANGUAGE=nl_BE:nl Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
