CVE-2018-17157

Summary

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
FreeBSDFreeBSDFreeBSD 11.2 before 11.2-RELEASE-p5affected

Weaknesses

  • Kernel integer overflow

ADP Enrichment

CVE Program Container

Additional References

References