CVE-2023-5215 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-5215 Interim 1 10 2026-03-05T03:52:20Z current 2023-09-28T23:20:46Z 2026-03-05T03:52:20Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-5215 A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2023-October/016882.html E-Mail link for SUSE-SU-2023:4222-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 9 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Server Applications 15 SP7 openSUSE Leap 15.4 openSUSE Leap 15.5 openSUSE Tumbleweed libnbd-1.18.0-1.1 libnbd-1.18.1-150300.8.15.1 libnbd-1.18.1-3.el9 libnbd-1.20.3-150700.1.8 libnbd-1.22.2-160000.2.2 libnbd-bash-completion-1.18.0-1.1 libnbd-bash-completion-1.18.1-150300.8.15.1 libnbd-bash-completion-1.18.1-3.el9 libnbd-bash-completion-1.22.2-160000.2.2 libnbd-devel-1.18.0-1.1 libnbd-devel-1.18.1-150300.8.15.1 libnbd-devel-1.18.1-3.el9 libnbd0-1.18.0-1.1 libnbd0-1.18.1-150300.8.15.1 libnbd0-1.20.3-150700.1.8 libnbd0-1.22.2-160000.2.2 nbdfuse-1.18.0-1.1 nbdfuse-1.18.1-150300.8.15.1 nbdfuse-1.18.1-3.el9 nbdfuse-1.20.3-150700.1.8 nbdfuse-1.22.2-160000.2.2 ocaml-libnbd-1.18.1-3.el9 ocaml-libnbd-devel-1.18.1-3.el9 python3-libnbd-1.18.0-1.1 python3-libnbd-1.18.1-150300.8.15.1 python3-libnbd-1.18.1-3.el9 python3-libnbd-1.22.2-160000.2.2 libnbd-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 libnbd-bash-completion-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 libnbd-devel-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 nbdfuse-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 ocaml-libnbd-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 ocaml-libnbd-devel-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 python3-libnbd-1.18.1-3.el9 as a component of SUSE Liberty Linux 9 libnbd-1.20.3-150700.1.8 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 libnbd0-1.20.3-150700.1.8 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 nbdfuse-1.20.3-150700.1.8 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 libnbd-1.22.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libnbd-bash-completion-1.22.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libnbd0-1.22.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 nbdfuse-1.22.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 python3-libnbd-1.22.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libnbd-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.4 libnbd-bash-completion-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.4 libnbd-devel-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.4 libnbd0-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.4 nbdfuse-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.4 libnbd-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.5 libnbd-bash-completion-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.5 libnbd-devel-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.5 libnbd0-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.5 nbdfuse-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.5 python3-libnbd-1.18.1-150300.8.15.1 as a component of openSUSE Leap 15.5 libnbd-1.18.0-1.1 as a component of openSUSE Tumbleweed libnbd-bash-completion-1.18.0-1.1 as a component of openSUSE Tumbleweed libnbd-devel-1.18.0-1.1 as a component of openSUSE Tumbleweed libnbd0-1.18.0-1.1 as a component of openSUSE Tumbleweed nbdfuse-1.18.0-1.1 as a component of openSUSE Tumbleweed python3-libnbd-1.18.0-1.1 as a component of openSUSE Tumbleweed A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly. CVE-2023-5215 SUSE Liberty Linux 9:libnbd-1.18.1-3.el9 SUSE Liberty Linux 9:libnbd-bash-completion-1.18.1-3.el9 SUSE Liberty Linux 9:libnbd-devel-1.18.1-3.el9 SUSE Liberty Linux 9:nbdfuse-1.18.1-3.el9 SUSE Liberty Linux 9:ocaml-libnbd-1.18.1-3.el9 SUSE Liberty Linux 9:ocaml-libnbd-devel-1.18.1-3.el9 SUSE Liberty Linux 9:python3-libnbd-1.18.1-3.el9 SUSE Linux Enterprise Module for Server Applications 15 SP7:libnbd-1.20.3-150700.1.8 SUSE Linux Enterprise Module for Server Applications 15 SP7:libnbd0-1.20.3-150700.1.8 SUSE Linux Enterprise Module for Server Applications 15 SP7:nbdfuse-1.20.3-150700.1.8 SUSE Linux Enterprise Server 16.0:libnbd-1.22.2-160000.2.2 SUSE Linux Enterprise Server 16.0:libnbd-bash-completion-1.22.2-160000.2.2 SUSE Linux Enterprise Server 16.0:libnbd0-1.22.2-160000.2.2 SUSE Linux Enterprise Server 16.0:nbdfuse-1.22.2-160000.2.2 SUSE Linux Enterprise Server 16.0:python3-libnbd-1.22.2-160000.2.2 openSUSE Leap 15.4:libnbd-1.18.1-150300.8.15.1 openSUSE Leap 15.4:libnbd-bash-completion-1.18.1-150300.8.15.1 openSUSE Leap 15.4:libnbd-devel-1.18.1-150300.8.15.1 openSUSE Leap 15.4:libnbd0-1.18.1-150300.8.15.1 openSUSE Leap 15.4:nbdfuse-1.18.1-150300.8.15.1 openSUSE Leap 15.5:libnbd-1.18.1-150300.8.15.1 openSUSE Leap 15.5:libnbd-bash-completion-1.18.1-150300.8.15.1 openSUSE Leap 15.5:libnbd-devel-1.18.1-150300.8.15.1 openSUSE Leap 15.5:libnbd0-1.18.1-150300.8.15.1 openSUSE Leap 15.5:nbdfuse-1.18.1-150300.8.15.1 openSUSE Leap 15.5:python3-libnbd-1.18.1-150300.8.15.1 openSUSE Tumbleweed:libnbd-1.18.0-1.1 openSUSE Tumbleweed:libnbd-bash-completion-1.18.0-1.1 openSUSE Tumbleweed:libnbd-devel-1.18.0-1.1 openSUSE Tumbleweed:libnbd0-1.18.0-1.1 openSUSE Tumbleweed:nbdfuse-1.18.0-1.1 openSUSE Tumbleweed:python3-libnbd-1.18.0-1.1 moderate 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L