Jasu Liedes

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 3.x through 4.20 **Description** A flaw was found in the Linux kernel's NFS implementation. An attacker who is able to mount an exported NFS filesystem can trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server, resulting in the loss of any outstanding disk writes to the NFS server. **Recommendations** For Linux kernel versions 3.x through 4.20, consider disabling the NFS implementation until a patch is available to prevent exploitation. Restrict access to the NFS server to minimize the risk of denial of service. Avoid using invalid NFS sequences in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.