Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-5215

UNKNOWN
Published 2023-09-28T13:55:32.462Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-5215. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
5.3
/10
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.142
Higher than 14.2% of all CVEs

Attack Vector Metrics

Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Description

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Red Hat

Red Hat Enterprise Linux 9

Affected Versions:

0:1.18.1-3.el9
Red Hat

Red Hat Enterprise Linux 8

Red Hat

Red Hat Enterprise Linux 8 Advanced Virtualization

Red Hat

Red Hat Enterprise Linux 8 Advanced Virtualization

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-fj2q-5f6j-5xf4

Advisory Details

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-5215
WEB https://access.redhat.com/errata/RHSA-2024:2204
WEB https://access.redhat.com/security/cve/CVE-2023-5215
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2241041
WEB https://listman.redhat.com/archives/libguestfs/2023-September/032635.html

Advisory provided by GitHub Security Advisory Database. Published: September 28, 2023, Modified: April 30, 2024

References

https://access.redhat.com/errata/RHSA-2024:2204
https://access.redhat.com/security/cve/CVE-2023-5215
https://bugzilla.redhat.com/show_bug.cgi?id=2241041
https://listman.redhat.com/archives/libguestfs/2023-September/032635.html
Published: 2023-09-28T13:55:32.462Z
Last Modified: 2025-09-10T02:08:37.574Z
Copied to clipboard!