CVE-2018-16884

Опубликовано: 27 нояб. 2018

Источник: redhat

CVSS3: 6.5

Описание

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Fixed	RHSA-2019:1891	29.07.2019
Red Hat Enterprise Linux 7	kernel	Fixed	RHSA-2019:1873	29.07.2019
Red Hat Enterprise Linux 7	kernel-alt	Fixed	RHSA-2020:2854	07.07.2020
Red Hat Enterprise Linux 7.4 Extended Update Support	kernel	Fixed	RHSA-2019:2696	12.09.2019
Red Hat Enterprise Linux 8	kernel-rt	Fixed	RHSA-2019:3309	05.11.2019
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2019:3517	05.11.2019
Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions	kernel	Fixed	RHSA-2020:0204	22.01.2020
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2019:2730	11.09.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1660375kernel: nfs: use-after-free in svc_process_common()

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2018-16884

CVSS3: 8

ubuntu

около 7 лет назад

CVE-2018-16884

CVSS3: 8

nvd

около 7 лет назад

CVE-2018-16884

CVSS3: 8

debian

около 7 лет назад

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares ...

SUSE-SU-2019:0356-1

suse-cvrf

почти 7 лет назад

Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)

SUSE-SU-2019:0326-1

suse-cvrf

почти 7 лет назад

Security update for the Linux Kernel (Live Patch 35 for SLE 12)

6.5 Medium

CVSS3