Vulnetix
Try Vulnetix Request Demo
CVE-2017-7895 PUBLISHED

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

EPSS 21.52% · 95.7th percentile

Risk Scores

EPSS Score
21.52%
95.7th percentile

Affected Products

VendorProductVersions
Ubuntu:22.04:LTSlinux-riscv5.15.0-1011.12, 0, 5.13.0-1004.4
Ubuntu:16.04:LTSlinux-gke4.4.0-1003.3, 4.4.0-1013.13, 4.4.0-1012.12
Ubuntu:24.04:LTSlinux-azure-6.116.11.0-1017.17~24.04.1, 6.11.0-1018.18~24.04.1, 0
Ubuntu:16.04:LTSlinux-hwe4.8.0-52.55~16.04.1, 4.8.0-51.54~16.04.1, 4.8.0-49.52~16.04.1
Ubuntu:24.04:LTSlinux-raspi-realtime0, 6.8.0-2019.20
Ubuntu:16.04:LTSlinux-raspi24.4.0-1052.59, 4.4.0-1055.62, 4.4.0-1054.61
Ubuntu:18.04:LTSlinux-azure4.15.0-1012.12, 4.18.0-1020.20~18.04.1, 4.18.0-1019.19~18.04.1
Ubuntu:22.04:LTSlinux-intel-iot-realtime5.15.0-1073.75, 0
Ubuntu:18.04:LTSlinux-hwe5.3.0-51.44~18.04.2, 5.3.0-46.38~18.04.1, 5.3.0-45.37~18.04.1
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1072.75+cvm1.1, 5.4.0-1103.109+cvm1.1, 5.4.0-1100.106+cvm1.1
Ubuntu:Pro:20.04:LTSlinux-azure-fde-5.155.15.0-1021.26~20.04.1.1, 0, 5.15.0-1019.24~20.04.1.1
Ubuntu:18.04:LTSlinux-oem4.15.0-1009.12, 0, 4.15.0-1002.3
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:20.04:LTSlinux-gke5.4.0-1056.59, 5.4.0-1101.108, 5.4.0-1100.107
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-62.83~14.04.1, 4.4.0-59.80~14.04.1, 4.4.0-57.78~14.04.1
Ubuntu:14.04:LTSlinux3.13.0-65.106, 3.13.0-63.103, 3.13.0-62.102
Ubuntu:18.04:LTSlinux-hwe-edge5.3.0-24.26~18.04.2, 5.3.0-23.25~18.04.2, 5.3.0-23.25~18.04.1
Ubuntu:16.04:LTSlinux4.4.0-59.80, 4.4.0-53.74, 4.4.0-51.72
Ubuntu:18.04:LTSlinux-gcp4.15.0-1019.20, 0, 4.15.0-1001.1
Ubuntu:20.04:LTSlinux-riscv0, 5.4.0-24.28, 5.4.0-26.30

…and 6 more

Timeline

References

Open in Interactive Console →