{"api_version":"1","generated_at":"2026-05-04T06:38:18+00:00","cve":"CVE-2018-17158","urls":{"html":"https://cve.report/CVE-2018-17158","api":"https://cve.report/api/cve/CVE-2018-17158.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-17158","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-17158"},"summary":{"title":"CVE-2018-17158","description":"In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request.","state":"PUBLIC","assigner":"secteam@freebsd.org","published_at":"2018-12-04 15:29:00","updated_at":"2018-12-31 16:44:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.asc","name":"FreeBSD-SA-18:13","refsource":"FREEBSD","tags":["Third Party Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/106192","name":"106192","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"FreeBSD Network File System Multiple Security Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/","name":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/","refsource":"MISC","tags":["Third Party Advisory"],"title":"Secunia Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1042164","name":"1042164","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"FreeBSD NFS Server Code Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-17158","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17158","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"17158","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"freebsd","cpe5":"freebsd","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"17158","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"freebsd","cpe5":"freebsd","cpe6":"11.2","cpe7":"p5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"17158","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"freebsd","cpe5":"freebsd","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"17158","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"freebsd","cpe5":"freebsd","cpe6":"11.2","cpe7":"p5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secteam@freebsd.org","ID":"CVE-2018-17158","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"FreeBSD","version":{"version_data":[{"version_value":"FreeBSD 11.2 before 11.2-RELEASE-p5"}]}}]},"vendor_name":"FreeBSD"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Kernel integer overflow"}]}]},"references":{"reference_data":[{"name":"106192","refsource":"BID","url":"http://www.securityfocus.com/bid/106192"},{"name":"FreeBSD-SA-18:13","refsource":"FREEBSD","url":"https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.asc"},{"name":"1042164","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1042164"},{"name":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/","refsource":"MISC","url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/"}]}},"nvd":{"publishedDate":"2018-12-04 15:29:00","lastModifiedDate":"2018-12-31 16:44:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":7.8},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"17158","Ordinal":"133970","Title":"CVE-2018-17158","CVE":"CVE-2018-17158","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"17158","Ordinal":"1","NoteData":"In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"17158","Ordinal":"2","NoteData":"2018-12-04","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"17158","Ordinal":"3","NoteData":"2018-12-13","Type":"Other","Title":"Modified"}]}}}