10
CVE-2017-7895
- EPSS 10.81%
- Veröffentlicht 28.04.2017 10:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 3.2.89
Linux ≫ Linux Kernel Version >= 3.3 < 3.16.44
Linux ≫ Linux Kernel Version >= 3.17.0 < 4.1.40
Linux ≫ Linux Kernel Version >= 4.2 < 4.4.67
Linux ≫ Linux Kernel Version >= 4.5.0 < 4.9.26
Linux ≫ Linux Kernel Version >= 4.10 < 4.10.14
Debian ≫ Debian Linux Version8.0
Debian ≫ Debian Linux Version9.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.81% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
https://access.redhat.com/errata/RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1647
http://www.debian.org/security/2017/dsa-3886
http://www.securityfocus.com/bid/98085
https://access.redhat.com/errata/RHSA-2017:1715
https://access.redhat.com/errata/RHSA-2017:1723
https://access.redhat.com/errata/RHSA-2017:1766
https://access.redhat.com/errata/RHSA-2017:1798
https://access.redhat.com/errata/RHSA-2017:2412
https://access.redhat.com/errata/RHSA-2017:2428
https://access.redhat.com/errata/RHSA-2017:2429
https://access.redhat.com/errata/RHSA-2017:2472
https://access.redhat.com/errata/RHSA-2017:2732
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13bf9fbff0e5e099e2b6f003a0ab8ae145436309
https://github.com/torvalds/linux/commit/13bf9fbff0e5e099e2b6f003a0ab8ae145436309