7.8

CVE-2017-7645

The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.89
LinuxLinux Kernel Version >= 3.3 < 3.10.107
LinuxLinux Kernel Version >= 3.11 < 3.12.74
LinuxLinux Kernel Version >= 3.13 < 3.16.44
LinuxLinux Kernel Version >= 3.17 < 3.18.52
LinuxLinux Kernel Version >= 3.19 < 4.1.40
LinuxLinux Kernel Version >= 4.2 < 4.4.66
LinuxLinux Kernel Version >= 4.5 < 4.9.26
LinuxLinux Kernel Version >= 4.10 < 4.10.14
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
CanonicalUbuntu Linux Version14.04 SwEditionesm
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.91% 0.923
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
Third Party Advisory
https://usn.ubuntu.com/3754-1/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1615
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1616
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1647
Third Party Advisory
http://www.debian.org/security/2017/dsa-3886
Third Party Advisory
http://www.securityfocus.com/bid/97950
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:1319
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6838a29ecb484c97e4efef9429643b9851fba6e
Vendor Advisory
https://github.com/torvalds/linux/commit/e6838a29ecb484c97e4efef9429643b9851fba6e
Patch
Third Party Advisory
https://marc.info/?l=linux-nfs&m=149218228327497&w=2
Patch
Third Party Advisory
Mailing List
https://marc.info/?l=linux-nfs&m=149247516212924&w=2
Patch
Third Party Advisory
Mailing List