=head1 NAME

libnbd-security - information about past security issues in libnbd

=head1 DESCRIPTION

This page details past security issues found in libnbd.

For how to report new security issues, see the C<SECURITY> file in the
top level source directory, also available online here:
L<https://gitlab.com/nbdkit/libnbd/blob/master/SECURITY>

=head2 CVE-2019-14842
protocol downgrade attack when using C<LIBNBD_TLS_REQUIRE>

See the full announcement and links to mitigation, tests and fixes
here:
L<https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html>

=head2 remote code execution vulnerability

See the full announcement here:
L<https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html>

=head2 CVE-2021-20286
denial of service when using L<nbd_set_opt_mode(3)>

See the full announcement here:
L<https://listman.redhat.com/archives/libguestfs/2021-March/msg00092.html>

=head2 CVE-2022-0485
silent data corruption when using L<nbdcopy(1)>

See the full announcement here:
L<https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html>

=head2 integration testing denial of service with block status

See the full announcement here:
L<https://listman.redhat.com/archives/libguestfs/2023-July/032035.html>

=head2 CVE-2023-5215
negative size result from nbd_get_size(3)

See the full announcement here:
L<https://listman.redhat.com/archives/libguestfs/2023-September/032711.html>

=head2 CVE-2023-5871
assertion failure for 64-bit flags passed to nbd_block_status(3)

See the full announcement here:
L<https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/5CRC7LRTN35WPZZ4BT6NAMH4JGMF47IK/>

=head2 CVE-2024-7383
multiple flaws in TLS server certificate checking

See the full announcement here:
L<https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/LHR3BW6RJ7K4BJBQIYV3GTZLSY27VZO2/>

=head1 SEE ALSO

L<libnbd(3)>.

=head1 AUTHORS

Eric Blake

Richard W.M. Jones

=head1 COPYRIGHT

Copyright Red Hat