CVE-2018-16871

MEDIUM

Description

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

References

https://access.redhat.com/errata/RHSA-2019:2696

https://access.redhat.com/errata/RHSA-2019:2730

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871

https://support.f5.com/csp/article/K18657134

https://support.f5.com/csp/article/K18657134?utm_source=f5support&utm_medium=RSS

Details

Source: MITRE

Published: 2019-07-30

Updated: 2019-09-10

Type: CWE-476

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
145850CentOS 8 : kernel (CESA-2020:1769)NessusCentOS Local Security Checks
high
138766NewStart CGSL MAIN 6.01 : kernel Multiple Vulnerabilities (NS-SA-2020-0030)NessusNewStart CGSL Local Security Checks
high
136116RHEL 8 : kernel-rt (RHSA-2020:1567)NessusRed Hat Local Security Checks
high
136115RHEL 8 : kernel (RHSA-2020:1769)NessusRed Hat Local Security Checks
high
134735EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-1269)NessusHuawei Local Security Checks
high
134361RHEL 7 : kernel-alt (RHSA-2020:0740)NessusRed Hat Local Security Checks
high
133458Virtuozzo 7 : readykernel-patch (VZA-2019-068)NessusVirtuozzo Local Security Checks
high
133457Virtuozzo 7 : readykernel-patch (VZA-2019-064)NessusVirtuozzo Local Security Checks
medium
132495NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)NessusNewStart CGSL Local Security Checks
high
132474NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247)NessusNewStart CGSL Local Security Checks
high
129920NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0183)NessusNewStart CGSL Local Security Checks
high
129900NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0180)NessusNewStart CGSL Local Security Checks
high
129284SUSE SLED15 / SLES15 Security Update : kernel-source-rt (SUSE-SU-2019:2430-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)NessusSuSE Local Security Checks
high
128929EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1926)NessusHuawei Local Security Checks
critical
128854RHEL 6 : MRG (RHSA-2019:2730)NessusRed Hat Local Security Checks
high
128842EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1919)NessusHuawei Local Security Checks
high
128662RHEL 7 : kernel (RHSA-2019:2696)NessusRed Hat Local Security Checks
high
127985Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4746)NessusOracle Linux Local Security Checks
high
127726Scientific Linux Security Update : kernel on SL7.x x86_64 (20190729)NessusScientific Linux Local Security Checks
medium
127623RHEL 7 : kernel-rt (RHSA-2019:1891)NessusRed Hat Local Security Checks
medium
127618RHEL 7 : kernel (RHSA-2019:1873)NessusRed Hat Local Security Checks
medium
127603Oracle Linux 7 : kernel (ELSA-2019-1873)NessusOracle Linux Local Security Checks
medium
127469CentOS 7 : kernel (CESA-2019:1873)NessusCentOS Local Security Checks
medium
126897openSUSE Security Update : the Linux Kernel (openSUSE-2019-1757)NessusSuSE Local Security Checks
high
126884openSUSE Security Update : the Linux Kernel (openSUSE-2019-1716)NessusSuSE Local Security Checks
high
126744SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1855-1) (SACK Slowness)NessusSuSE Local Security Checks
high
126741SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:1851-1) (SACK Slowness)NessusSuSE Local Security Checks
high
126691SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1829-1)NessusSuSE Local Security Checks
high
126499SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1744-1)NessusSuSE Local Security Checks
medium