Ubuntu Security Notice USN-237-1 - Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.
470bc51f6550a5ac251c715a2016bd6064b902a44c139b366028fda7923b6eca