CVE-2018-16871
Summary
| CVE | CVE-2018-16871 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-07-30 17:15:00 UTC |
| Updated | 2023-02-12 23:32:00 UTC |
| Description | A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. |
Risk And Classification
Problem Types: CWE-476
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Application | Netapp | Cloud Backup | - | All | All | All |
| Hardware | Netapp | H300e | - | All | All | All |
| Operating System | Netapp | H300e Firmware | - | All | All | All |
| Hardware | Netapp | H300s | - | All | All | All |
| Operating System | Netapp | H300s Firmware | - | All | All | All |
| Hardware | Netapp | H410c | - | All | All | All |
| Operating System | Netapp | H410c Firmware | - | All | All | All |
| Hardware | Netapp | H410s | - | All | All | All |
| Operating System | Netapp | H410s Firmware | - | All | All | All |
| Hardware | Netapp | H500e | - | All | All | All |
| Operating System | Netapp | H500e Firmware | - | All | All | All |
| Hardware | Netapp | H500s | - | All | All | All |
| Operating System | Netapp | H500s Firmware | - | All | All | All |
| Hardware | Netapp | H700e | - | All | All | All |
| Operating System | Netapp | H700e Firmware | - | All | All | All |
| Hardware | Netapp | H700s | - | All | All | All |
| Operating System | Netapp | H700s Firmware | - | All | All | All |
| Application | Redhat | Developer Tools | 1.0 | All | All | All |
| Application | Redhat | Developer Tools | 1.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Application | Redhat | Mrg Realtime | 2.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| support.f5.com/csp/article/K18657134 | MISC | support.f5.com | |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| CVE-2018-16871 - Red Hat Customer Portal | MISC | access.redhat.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| 1655162 – (CVE-2018-16871) CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence | MISC | bugzilla.redhat.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| CVE-2018-16871 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| 1655162 – (CVE-2018-16871) CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence | CONFIRM | bugzilla.redhat.com | Issue Tracking, Third Party Advisory |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| support.f5.com/csp/article/K18657134 | CONFIRM | support.f5.com | |
| support.f5.com/csp/article/K18657134 | CONFIRM | support.f5.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.