CVE-2018-17159

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 11.2-STABLE(r340854) and prior to 11.2-RELEASE-p5

Description The issue is related to the NFS server, which lacks a bounds check in the READDIRPLUS NFS request. This allows unprivileged remote users with access to the NFS server to cause resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation.

Recommendations For versions prior to 11.2-STABLE(r340854), update to 11.2-STABLE(r340854) or later. For versions prior to 11.2-RELEASE-p5, update to 11.2-RELEASE-p5 or later.