A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2019:2696 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:2730 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2020:0740 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871 | Issue Tracking Third Party Advisory |
https://security.netapp.com/advisory/ntap-20211004-0002/ | Third Party Advisory |
https://support.f5.com/csp/article/K18657134 | Third Party Advisory |
https://support.f5.com/csp/article/K18657134?utm_source=f5support&%3Butm_medium=RSS |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
12 Feb 2023, 23:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. |
02 Feb 2023, 21:18
Type | Values Removed | Values Added |
---|---|---|
Summary | A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. | |
References |
|
|
11 Apr 2022, 20:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp h410c
Redhat enterprise Linux Eus Netapp h700s Netapp Netapp h500e Firmware Netapp h300e Firmware Netapp h500s Firmware Netapp h300s Firmware Netapp h500e Netapp h700e Netapp h300e Netapp h410s Netapp h410s Firmware Netapp h410c Firmware Netapp h700e Firmware Netapp cloud Backup Netapp h700s Firmware Redhat mrg Realtime Netapp h500s Netapp h300s |
|
CPE | cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://support.f5.com/csp/article/K18657134 - Third Party Advisory | |
References | (CONFIRM) https://support.f5.com/csp/article/K18657134?utm_source=f5support&utm_medium=RSS - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0740 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2730 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20211004-0002/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2696 - Third Party Advisory |
04 Oct 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-07-30 17:15
Updated : 2023-12-10 12:59
NVD link : CVE-2018-16871
Mitre link : CVE-2018-16871
CVE.ORG link : CVE-2018-16871
JSON object : View
Products Affected
netapp
- h700s_firmware
- h700e
- h700e_firmware
- h700s
- h300s_firmware
- cloud_backup
- h300s
- h300e
- h500e_firmware
- h410c_firmware
- h410c
- h500s
- h410s
- h410s_firmware
- h500s_firmware
- h300e_firmware
- h500e
redhat
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_eus
- enterprise_linux_server_eus
- enterprise_linux_workstation
- enterprise_linux_server
- developer_tools
- enterprise_linux_desktop
- enterprise_linux
- mrg_realtime
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference