SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 7.5		CVSS Score : 5.0
Exploit Score: 3.9		Exploit Score: 10.0
Impact Score: 3.6		Impact Score: 2.9

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: NETWORK		Access Vector: NETWORK
Attack Complexity: LOW		Access Complexity: LOW
Privileges Required: NONE		Authentication: NONE
User Interaction: NONE		Confidentiality: NONE
Scope: UNCHANGED		Integrity: NONE
Confidentiality: NONE		Availability: PARTIAL
Integrity: NONE
Availability: HIGH

Reference:

RHSA-2019:2696

RHSA-2019:2730

RHSA-2020:0740

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871

https://security.netapp.com/advisory/ntap-20211004-0002/

https://support.f5.com/csp/article/K18657134

https://support.f5.com/csp/article/K18657134?utm_source=f5support&%3Butm_medium=RSS

https://support.f5.com/csp/article/K18657134?utm_source=f5support&utm_medium=RSS


30479



423868



248678



909



195426



282