CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
redhatCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
linuxlinux_kernel
3.0 ≤
𝑥
≤ 4.20
redhatdeveloper_tools
1.0
redhatmrg_realtime
2.0
redhatenterprise_linux
7.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_eus
7.4
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_eus
7.6
redhatenterprise_linux_server_tus
7.4
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_workstation
7.0
netappcloud_backup
-
netapph410c_firmware
-
netapph300s_firmware
-
netapph500s_firmware
-
netapph700s_firmware
-
netapph300e_firmware
-
netapph500e_firmware
-
netapph700e_firmware
-
netapph410s_firmware
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
jessie
not-affected
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
sid
6.11.5-1
fixed
trixie
6.11.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
disco
not-affected
cosmic
Fixed 4.18.0-14.15
released
bionic
Fixed 4.15.0-46.49
released
xenial
not-affected
trusty
not-affected
linux-aws
disco
not-affected
cosmic
Fixed 4.18.0-1008.10
released
bionic
Fixed 4.15.0-1033.35
released
xenial
not-affected
trusty
not-affected
linux-aws-hwe
disco
dne
cosmic
dne
bionic
dne
xenial
Fixed 4.15.0-1033.35~16.04.1
released
trusty
dne
linux-azure
disco
not-affected
cosmic
Fixed 4.18.0-1008.8
released
bionic
Fixed 4.18.0-1011.11~18.04.1
released
xenial
Fixed 4.15.0-1040.44
released
trusty
Fixed 4.15.0-1040.44~14.04.1
released
linux-azure-edge
disco
dne
cosmic
dne
bionic
Fixed 4.18.0-1011.11~18.04.1
released
xenial
Fixed 4.15.0-1040.44
released
trusty
dne
linux-euclid
disco
dne
cosmic
dne
bionic
dne
xenial
ignored
trusty
dne
linux-flo
disco
dne
cosmic
dne
bionic
dne
xenial
ignored
trusty
dne
linux-gcp
disco
not-affected
cosmic
Fixed 4.18.0-1006.7
released
bionic
Fixed 4.15.0-1028.29
released
xenial
Fixed 4.15.0-1028.29~16.04.1
released
trusty
dne
linux-gcp-edge
disco
dne
cosmic
dne
bionic
Fixed 4.18.0-1006.7~18.04.1
released
xenial
dne
trusty
dne
linux-gke
disco
dne
cosmic
dne
bionic
dne
xenial
ignored
trusty
dne
linux-gke-4.15
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-goldfish
disco
dne
cosmic
dne
bionic
dne
xenial
ignored
trusty
dne
linux-grouper
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
dne
linux-hwe
disco
dne
cosmic
dne
bionic
Fixed 4.18.0-14.15~18.04.1
released
xenial
Fixed 4.15.0-46.49~16.04.1
released
trusty
dne
linux-hwe-edge
disco
dne
cosmic
dne
bionic
not-affected
xenial
Fixed 4.15.0-46.49~16.04.1
released
trusty
dne
linux-kvm
disco
not-affected
cosmic
Fixed 4.18.0-1007.7
released
bionic
Fixed 4.15.0-1030.30
released
xenial
not-affected
trusty
dne
linux-lts-trusty
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
dne
linux-lts-utopic
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
ignored
linux-lts-vivid
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
ignored
linux-lts-wily
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
ignored
linux-lts-xenial
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
not-affected
linux-maguro
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
dne
linux-mako
disco
dne
cosmic
dne
bionic
dne
xenial
ignored
trusty
dne
linux-manta
disco
dne
cosmic
dne
bionic
dne
xenial
dne
trusty
dne
linux-oem
disco
not-affected
cosmic
Fixed 4.15.0-1034.39
released
bionic
Fixed 4.15.0-1034.39
released
xenial
ignored
trusty
dne
linux-oracle
disco
not-affected
cosmic
Fixed 4.15.0-1009.11
released
bionic
Fixed 4.15.0-1009.11
released
xenial
Fixed 4.15.0-1009.11~16.04.1
released
trusty
dne
linux-raspi2
disco
not-affected
cosmic
Fixed 4.18.0-1009.11
released
bionic
Fixed 4.15.0-1032.34
released
xenial
not-affected
trusty
dne
linux-snapdragon
disco
not-affected
cosmic
dne
bionic
not-affected
xenial
not-affected
trusty
dne
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2019:2696
https://access.redhat.com/errata/RHSA-2019:2730
https://access.redhat.com/errata/RHSA-2020:0740
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871
https://security.netapp.com/advisory/ntap-20211004-0002/
https://support.f5.com/csp/article/K18657134
https://support.f5.com/csp/article/K18657134?utm_source=f5support&amp%3Butm_medium=RSS
https://access.redhat.com/errata/RHSA-2019:2696
https://access.redhat.com/errata/RHSA-2019:2730
https://access.redhat.com/errata/RHSA-2020:0740
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871
https://security.netapp.com/advisory/ntap-20211004-0002/
https://support.f5.com/csp/article/K18657134
https://support.f5.com/csp/article/K18657134?utm_source=f5support&amp%3Butm_medium=RSS