VDB
GCVE-110-MAGEIA-2017-149
GCVE-110-MAGEIA-2017-149
Advisory Published
This kernel update is based on upstream 4.4.68 and fixes at least
the following security issues:
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through
4.10.11 allows remote attackers to cause a denial of service (system crash)
via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and
fs/nfsd/nfsxdr.c (CVE-2017-7645).
The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lack certain checks for the end of a buffer, which allows remote
attackers to trigger pointer-arithmetic errors or possibly have unspecified
other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and
fs/nfsd/nfsxdr.c (CVE-2017-7895).
For other upstream fixes in this update, see the referenced changelogs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kmod-virtualbox | 0 (affected), 5.1.22-3.mga5 (unaffected) | — |
| Mageia | kmod-vboxadditions | 0 (affected), 5.1.22-3.mga5 (unaffected) | — |
| Mageia | kernel-userspace-headers | 0 (affected), 4.4.68-1.mga5 (unaffected) | — |
| Mageia | kmod-xtables-addons | 0 (affected), 2.10-38.mga5 (unaffected) | — |
| Mageia | kernel | 0 (affected), 4.4.68-1.mga5 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.