A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.

Related CVEs

CVE-2023-5215

Key Information

GHSA ID

GHSA-fj2q-5f6j-5xf4

Published

September 28, 2023 3:30 PM

Last Modified

April 30, 2024 3:30 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.