The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Nbd | Wouter_verhelst | 2.9.3 (including) | 2.9.3 (including) |
| Nbd | Wouter_verhelst | 2.9.4 (including) | 2.9.4 (including) |
| Nbd | Wouter_verhelst | 2.9.5 (including) | 2.9.5 (including) |
| Nbd | Wouter_verhelst | 2.9.6 (including) | 2.9.6 (including) |
| Nbd | Wouter_verhelst | 2.9.7 (including) | 2.9.7 (including) |
| Nbd | Wouter_verhelst | 2.9.8 (including) | 2.9.8 (including) |
| Nbd | Wouter_verhelst | 2.9.9 (including) | 2.9.9 (including) |
| Nbd | Wouter_verhelst | 2.9.22 (including) | 2.9.22 (including) |
| Nbd | Wouter_verhelst | 2.9.23 (including) | 2.9.23 (including) |
| Nbd | Wouter_verhelst | 2.9.24 (including) | 2.9.24 (including) |
| Nbd | Wouter_verhelst | 2.9.25 (including) | 2.9.25 (including) |
| Nbd | Wouter_verhelst | 3.0 (including) | 3.0 (including) |
| Nbd | Wouter_verhelst | 3.1 (including) | 3.1 (including) |
| Nbd | Wouter_verhelst | 3.1.1 (including) | 3.1.1 (including) |
| Nbd | Wouter_verhelst | 3.2 (including) | 3.2 (including) |
| Nbd | Wouter_verhelst | 3.3 (including) | 3.3 (including) |