Nir Soffer

**Name of the Vulnerable Software and Affected Versions** libnbd (affected versions not specified) **Description** The issue is related to the handling of exceptions in the nbdcopy tool of the libnbd library. When performing multi-threaded copies using asynchronous nbd calls, the tool may treat the completion of an asynchronous command as successful without checking the `error` parameter. This could result in the silent creation of a corrupted destination image. The vulnerability can be exploited by a remote attacker to automatically create damaged target images. **Recommendations** For libnbd, consider disabling the `nbdcopy` tool until a patch is available to prevent the creation of corrupted destination images. Restrict access to the `nbdcopy` tool to minimize the risk of exploitation. Avoid using the `nbdcopy` tool for multi-threaded copies with asynchronous nbd calls until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.