It was discovered that NBD incorrectly handled name length fields. A remote
attacker could use this issue to cause NBD to crash, resulting in a denial
of service, or possibly execute arbitrary code.

Read More