CVE-2018-16884
18.12.2018, 22:29
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.Enginsight
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 3.7 ≤ 𝑥 < 3.16.65 |
| linux | linux_kernel | 3.17 ≤ 𝑥 < 3.18.133 |
| linux | linux_kernel | 3.19 ≤ 𝑥 < 4.4.171 |
| linux | linux_kernel | 4.5 ≤ 𝑥 < 4.9.151 |
| linux | linux_kernel | 4.10 ≤ 𝑥 < 4.14.94 |
| linux | linux_kernel | 4.15 ≤ 𝑥 < 4.19.16 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 4.20.3 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_mrg | 2.0 |
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||
| linux-aws |
| ||||||||||
| linux-aws-hwe |
| ||||||||||
| linux-azure |
| ||||||||||
| linux-azure-edge |
| ||||||||||
| linux-euclid |
| ||||||||||
| linux-flo |
| ||||||||||
| linux-gcp |
| ||||||||||
| linux-gcp-edge |
| ||||||||||
| linux-gke |
| ||||||||||
| linux-gke-4.15 |
| ||||||||||
| linux-gke-5.0 |
| ||||||||||
| linux-goldfish |
| ||||||||||
| linux-grouper |
| ||||||||||
| linux-hwe |
| ||||||||||
| linux-hwe-edge |
| ||||||||||
| linux-kvm |
| ||||||||||
| linux-lts-trusty |
| ||||||||||
| linux-lts-utopic |
| ||||||||||
| linux-lts-vivid |
| ||||||||||
| linux-lts-wily |
| ||||||||||
| linux-lts-xenial |
| ||||||||||
| linux-maguro |
| ||||||||||
| linux-mako |
| ||||||||||
| linux-manta |
| ||||||||||
| linux-oem |
| ||||||||||
| linux-oracle |
| ||||||||||
| linux-raspi2 |
| ||||||||||
| linux-snapdragon |
|
Common Weakness Enumeration
References