CVE-2013-7441
nbd - security update
EPSS 3.6%
Description
The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
How to fix CVE-2013-7441
To remediate CVE-2013-7441, upgrade the affected package to a fixed version below.
- Debian/nbd—upgrade to 1:3.4-1 or later
- Debian/nbd—upgrade to 1:3.2-4~deb7u5 or later
Is CVE-2013-7441 being exploited?
Low — EPSS is 3.6%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1:3.4-1
- from 0, < 1:3.2-4~deb7u5