Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-16871

Опубликовано: 03 июн. 2019
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2019:189129.07.2019
Red Hat Enterprise Linux 7kernelFixedRHSA-2019:187329.07.2019
Red Hat Enterprise Linux 7kernel-altFixedRHSA-2020:074009.03.2020
Red Hat Enterprise Linux 7.4 Extended Update SupportkernelFixedRHSA-2019:269612.09.2019
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2020:156728.04.2020
Red Hat Enterprise Linux 8kernelFixedRHSA-2020:176928.04.2020
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2019:273011.09.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1655162kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

EPSS

Процентиль: 70%
0.00649
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-16871

CVSS3: 7.5
ubuntu
почти 6 лет назад

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

nvd логотип

CVE-2018-16871

CVSS3: 7.5
nvd
почти 6 лет назад

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

debian логотип

CVE-2018-16871

CVSS3: 7.5
debian
почти 6 лет назад

A flaw was found in the Linux kernel's NFS implementation, all version ...

github логотип

GHSA-h4fx-7429-jvf7

CVSS3: 7.5
github
около 3 лет назад

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

fstec логотип

BDU:2019-02456

CVSS3: 7.5
fstec
больше 6 лет назад

Уязвимость реализации протокола NFS ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 70%
0.00649
Низкий

7.5 High

CVSS3