CVE-2018-16871

Sažetak

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871
https://access.redhat.com/errata/RHSA-2019:2696
https://access.redhat.com/errata/RHSA-2019:2730
https://support.f5.com/csp/article/K18657134
https://access.redhat.com/errata/RHSA-2020:0740
https://security.netapp.com/advisory/ntap-20211004-0002/
https://support.f5.com/csp/article/K18657134?utm_source=f5support&amp%3Butm_medium=RSS

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

12-02-2023 - 23:32

Objavljeno

30-07-2019 - 17:15