CVE-2025-14946 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier (URI). This vulner…
Medium CVSS: 4.8

CVE-2025-14946

A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier (URI). This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell (SSH) process, rather than as hostnames. This could lead to arbitrary code execution with the privileges of the user running libnbd.
Vendor
-
Product
-
CWE
CWE-88
Yayın Tarihi
2025-12-19 13:16:03
Güncelleme
2025-12-19 18:00:18
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-88 MEDIUM 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-14946 https://bugzilla.redhat.com/show_bug.cgi?id=2423789 https://libguestfs.org/libnbd-release-notes-1.24.1.html#Security