PT-2018-13931 · Freebsd · Freebsd

Jakub Jirasek

Publicado

2018-12-04

Atualizado

2018-12-31

CVE-2018-17158

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 11.2-STABLE(r340854) and prior to 11.2-RELEASE-p5

Description An integer overflow error can occur when handling the client address length field in an NFSv4 request, allowing unprivileged remote users with access to the NFS server to crash the system by sending a specially crafted NFSv4 request.

Recommendations For versions prior to 11.2-STABLE(r340854), update to 11.2-STABLE(r340854) or later. For versions prior to 11.2-RELEASE-p5, update to 11.2-RELEASE-p5 or later.

Correção

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

CVE-2018-17158

Produtos afetados

Freebsd

PT-2018-13931 · Freebsd · Freebsd

CVE-2018-17158

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6