← back
CVE-2018-17158

CVE-2018-17158

EPSS 4.4%
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request.
Affected products
FreeBSD · FreeBSD

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.aschttp://www.securityfocus.com/bid/106192http://www.securitytracker.com/id/1042164