Vvs: Created page with "== Changes == Since {{kernel link|rhel6|042stab123.2}}: * [Important] The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for t..."

2017-05-18T14:48:28Z

Created page with "== Changes == Since {{kernel link|rhel6|042stab123.2}}: * [Important] The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for t..."

New page

== Changes ==
Since {{kernel link|rhel6|042stab123.2}}:

* [Important] The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly have unspecified other impact via crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895)
* [Important] The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. (CVE-2017-7645)
* Node with containers running over an NFS share could crash during container resize operations. A degradation in 042stab123.x kernels. (PSBM-65555)
* Under certain rare conditions, if host resources were lacking, starting a container with NFS support could crash the host. All 042stab kernels were affected. (PSBM-65550)

=== See also ===
* {{CVE|2017-7895}}
* {{CVE|2017-7645}}

Download/kernel/rhel6/042stab123.3/changes - Revision history

Vvs: Created page with "== Changes == Since {{kernel link|rhel6|042stab123.2}}: * [Important] The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for t..."