CVE-2018-17157

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 11.2-STABLE(r340854) and prior to 11.2-RELEASE-p5

Description The issue is caused by an integer overflow error when handling opcodes, which can lead to memory corruption. This can be triggered by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code.

Recommendations For versions prior to 11.2-STABLE(r340854), update to 11.2-STABLE(r340854) or later. For versions prior to 11.2-RELEASE-p5, update to 11.2-RELEASE-p5 or later.