CNNVD-202512-3825 Information
Dec 19, 2025
cve
CNNVD ID
CNNVD-202512-3825
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
libnbd是libguestfs开源的一款用于编辑NBD(Network Block Device)客户端的库。 libnbd存在参数注入漏洞,该漏洞源于对特制URI的错误解析,可能导致任意代码执行。
Description (English)
Libnbd is a library of libguestfs open source to edit NBD (Network Block Data) clients. Libnbd has a gap in parameters, which stems from a misdialysis of the unique URL, which may lead to any code execution.
Hazard Level
High
Vulnerability Type
参数注入
Affected Vendor
Libguestfs
Published
2025-12-19
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-14946 https://bugzilla.redhat.com/show_bug.cgi?id=2423789 https://libguestfs.org/libnbd-release-notes-1.24.1.html#Security
Patch
https://libguestfs.org/libnbd-release-notes-1.24.1.html#Security
Share on: