Vulnerability Description
nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Ubuntu Linux | 12.04 |
| Wouter Verhelst | Nbd | <= 3.10 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html
- http://sourceforge.net/p/nbd/mailman/message/34091218/
- http://sourceforge.net/projects/nbd/files/nbd/3.11/Patch
- http://www.debian.org/security/2015/dsa-3271
- http://www.openwall.com/lists/oss-security/2015/05/07/9
- http://www.ubuntu.com/usn/USN-2676-1
- http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html
- http://sourceforge.net/p/nbd/mailman/message/34091218/
- http://sourceforge.net/projects/nbd/files/nbd/3.11/Patch
- http://www.debian.org/security/2015/dsa-3271
- http://www.openwall.com/lists/oss-security/2015/05/07/9
- http://www.ubuntu.com/usn/USN-2676-1
FAQ
What is CVE-2015-0847?
CVE-2015-0847 is a vulnerability with a CVSS score of 7.8 (HIGH). nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
How severe is CVE-2015-0847?
CVE-2015-0847 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0847?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Wouter Verhelst Nbd.