vulnerability
CentOS Linux: CVE-2017-7895: Important: kernel security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Apr 28, 2017 | Jul 1, 2017 | May 25, 2023 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 28, 2017
Added
Jul 1, 2017
Modified
May 25, 2023
Description
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
Solution(s)
centos-upgrade-kernelcentos-upgrade-kernel-rt
References
- BID-98085
- DEBIAN-DLA-993-1
- DEBIAN-DSA-3886
- NVD-CVE-2017-7895
- REDHAT-RHSA-2017:1615
- REDHAT-RHSA-2017:1616
- REDHAT-RHSA-2017:1647
- REDHAT-RHSA-2017:1715
- REDHAT-RHSA-2017:1723
- REDHAT-RHSA-2017:1766
- REDHAT-RHSA-2017:1798
- REDHAT-RHSA-2017:2412
- REDHAT-RHSA-2017:2428
- REDHAT-RHSA-2017:2429
- REDHAT-RHSA-2017:2472
- REDHAT-RHSA-2017:2732
- UBUNTU-USN-3312-1
- UBUNTU-USN-3312-2
- UBUNTU-USN-3314-1
- UBUNTU-USN-3359-1
- UBUNTU-USN-3360-1
- UBUNTU-USN-3360-2
- UBUNTU-USN-3361-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.