Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-16871

Опубликовано: 03 июн. 2019
Источник: redhat
CVSS3: 7.5

Описание

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2019:189129.07.2019
Red Hat Enterprise Linux 7kernelFixedRHSA-2019:187329.07.2019
Red Hat Enterprise Linux 7kernel-altFixedRHSA-2020:074009.03.2020
Red Hat Enterprise Linux 7.4 Extended Update SupportkernelFixedRHSA-2019:269612.09.2019
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2020:156728.04.2020
Red Hat Enterprise Linux 8kernelFixedRHSA-2020:176928.04.2020
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2019:273011.09.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1655162kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-16871

CVSS3: 7.5
ubuntu
около 6 лет назад

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

nvd логотип

CVE-2018-16871

CVSS3: 7.5
nvd
около 6 лет назад

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

debian логотип

CVE-2018-16871

CVSS3: 7.5
debian
около 6 лет назад

A flaw was found in the Linux kernel's NFS implementation, all version ...

github логотип

GHSA-h4fx-7429-jvf7

CVSS3: 7.5
github
больше 3 лет назад

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

fstec логотип

BDU:2019-02456

CVSS3: 7.5
fstec
почти 7 лет назад

Уязвимость реализации протокола NFS ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

7.5 High

CVSS3