10

CVE-2017-7895

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.89
LinuxLinux Kernel Version >= 3.3 < 3.16.44
LinuxLinux Kernel Version >= 3.17.0 < 4.1.40
LinuxLinux Kernel Version >= 4.2 < 4.4.67
LinuxLinux Kernel Version >= 4.5.0 < 4.9.26
LinuxLinux Kernel Version >= 4.10 < 4.10.14
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.81% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://access.redhat.com/errata/RHSA-2017:1615
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1616
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1647
Third Party Advisory
http://www.debian.org/security/2017/dsa-3886
Third Party Advisory
http://www.securityfocus.com/bid/98085
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:1715
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1723
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1766
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1798
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2412
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2428
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2429
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2472
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2732
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13bf9fbff0e5e099e2b6f003a0ab8ae145436309
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/13bf9fbff0e5e099e2b6f003a0ab8ae145436309
Patch
Third Party Advisory