#VU95607 Improper Certificate Validation in libnbd


Published: 2024-08-08

Vulnerability identifier: #VU95607

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-7383

CWE-ID: CWE-295

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libnbd
Universal components / Libraries / Libraries used by multiple products

Vendor: libguestfs

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exist due to improper certificate validation when handling the NBD server's certificate. A remote attacker can perform MitM attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libnbd: 1.20.0 - 1.20.1, 1.21.0, 1.18.0 - 1.18.4, 1.19.1 - 1.19.11

External links
http://access.redhat.com/security/cve/CVE-2024-7383
http://bugzilla.redhat.com/show_bug.cgi?id=2302865
http://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/message/LHR3BW6RJ7K4BJBQIYV3GTZLSY27VZO2
http://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/ENZY4LHLARA3N4C3JUNLPYUCXHFO7BWQ/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Red Hat Enterprise Linux 9 update for libnbd
SUSE update for libnbd
SUSE update for libnbd
MitM attack in libnbd