ID CVE-2017-7895
Summary The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
References
Vulnerable Configurations
  • Linux Kernel 4.10.13
    cpe:2.3:o:linux:linux_kernel:4.10.13
CVSS
Base: 10.0 (as of 09-05-2017 - 15:06)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
redhat via4
advisories
  • bugzilla
    id 1446103
    title CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment kernel is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615015
        • comment kernel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842006
      • AND
        • comment kernel-abi-whitelists is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615007
        • comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131645028
      • AND
        • comment kernel-bootwrapper is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615029
        • comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842010
      • AND
        • comment kernel-debug is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615013
        • comment kernel-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842012
      • AND
        • comment kernel-debug-devel is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615011
        • comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842014
      • AND
        • comment kernel-devel is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615021
        • comment kernel-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842016
      • AND
        • comment kernel-doc is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615005
        • comment kernel-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842024
      • AND
        • comment kernel-headers is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615019
        • comment kernel-headers is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842008
      • AND
        • comment kernel-kdump is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615009
        • comment kernel-kdump is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842018
      • AND
        • comment kernel-kdump-devel is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615025
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842020
      • AND
        • comment kernel-tools is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615027
        • comment kernel-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140678010
      • AND
        • comment kernel-tools-libs is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615033
        • comment kernel-tools-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140678012
      • AND
        • comment kernel-tools-libs-devel is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615031
        • comment kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140678020
      • AND
        • comment perf is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615023
        • comment perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842022
      • AND
        • comment python-perf is earlier than 0:3.10.0-514.26.1.el7
          oval oval:com.redhat.rhsa:tst:20171615017
        • comment python-perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111849018
    rhsa
    id RHSA-2017:1615
    released 2017-06-28
    severity Important
    title RHSA-2017:1615: kernel security and bug fix update (Important)
  • bugzilla
    id 1461333
    title CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment kernel-rt is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616013
        • comment kernel-rt is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727006
      • AND
        • comment kernel-rt-debug is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616015
        • comment kernel-rt-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727014
      • AND
        • comment kernel-rt-debug-devel is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616007
        • comment kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727016
      • AND
        • comment kernel-rt-debug-kvm is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616023
        • comment kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152411008
      • AND
        • comment kernel-rt-devel is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616021
        • comment kernel-rt-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727012
      • AND
        • comment kernel-rt-doc is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616005
        • comment kernel-rt-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727022
      • AND
        • comment kernel-rt-kvm is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616019
        • comment kernel-rt-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152411024
      • AND
        • comment kernel-rt-trace is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616009
        • comment kernel-rt-trace is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727008
      • AND
        • comment kernel-rt-trace-devel is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616011
        • comment kernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727010
      • AND
        • comment kernel-rt-trace-kvm is earlier than 0:3.10.0-514.26.1.rt56.442.el7
          oval oval:com.redhat.rhsa:tst:20171616017
        • comment kernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152411014
    rhsa
    id RHSA-2017:1616
    released 2017-06-28
    severity Important
    title RHSA-2017:1616: kernel-rt security and bug fix update (Important)
  • bugzilla
    id 1446103
    title CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723025
        • comment kernel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842006
      • AND
        • comment kernel-abi-whitelists is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723009
        • comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131645028
      • AND
        • comment kernel-bootwrapper is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723029
        • comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842010
      • AND
        • comment kernel-debug is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723013
        • comment kernel-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842012
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723023
        • comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842014
      • AND
        • comment kernel-devel is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723015
        • comment kernel-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842016
      • AND
        • comment kernel-doc is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723005
        • comment kernel-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842024
      • AND
        • comment kernel-firmware is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723007
        • comment kernel-firmware is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842026
      • AND
        • comment kernel-headers is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723019
        • comment kernel-headers is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842008
      • AND
        • comment kernel-kdump is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723027
        • comment kernel-kdump is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842018
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723011
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842020
      • AND
        • comment perf is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723021
        • comment perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842022
      • AND
        • comment python-perf is earlier than 0:2.6.32-696.6.3.el6
          oval oval:com.redhat.rhsa:tst:20171723017
        • comment python-perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111849018
    rhsa
    id RHSA-2017:1723
    released 2017-07-11
    severity Important
    title RHSA-2017:1723: kernel security and bug fix update (Important)
rpms
  • kernel-0:3.10.0-514.26.1.el7
  • kernel-abi-whitelists-0:3.10.0-514.26.1.el7
  • kernel-bootwrapper-0:3.10.0-514.26.1.el7
  • kernel-debug-0:3.10.0-514.26.1.el7
  • kernel-debug-devel-0:3.10.0-514.26.1.el7
  • kernel-devel-0:3.10.0-514.26.1.el7
  • kernel-doc-0:3.10.0-514.26.1.el7
  • kernel-headers-0:3.10.0-514.26.1.el7
  • kernel-kdump-0:3.10.0-514.26.1.el7
  • kernel-kdump-devel-0:3.10.0-514.26.1.el7
  • kernel-tools-0:3.10.0-514.26.1.el7
  • kernel-tools-libs-0:3.10.0-514.26.1.el7
  • kernel-tools-libs-devel-0:3.10.0-514.26.1.el7
  • perf-0:3.10.0-514.26.1.el7
  • python-perf-0:3.10.0-514.26.1.el7
  • kernel-rt-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-debug-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-debug-devel-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-debug-kvm-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-devel-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-doc-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-kvm-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-trace-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-trace-devel-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-rt-trace-kvm-0:3.10.0-514.26.1.rt56.442.el7
  • kernel-0:2.6.32-696.6.3.el6
  • kernel-abi-whitelists-0:2.6.32-696.6.3.el6
  • kernel-bootwrapper-0:2.6.32-696.6.3.el6
  • kernel-debug-0:2.6.32-696.6.3.el6
  • kernel-debug-devel-0:2.6.32-696.6.3.el6
  • kernel-devel-0:2.6.32-696.6.3.el6
  • kernel-doc-0:2.6.32-696.6.3.el6
  • kernel-firmware-0:2.6.32-696.6.3.el6
  • kernel-headers-0:2.6.32-696.6.3.el6
  • kernel-kdump-0:2.6.32-696.6.3.el6
  • kernel-kdump-devel-0:2.6.32-696.6.3.el6
  • perf-0:2.6.32-696.6.3.el6
  • python-perf-0:2.6.32-696.6.3.el6
refmap via4
bid 98085
confirm
debian DSA-3886
Last major update 11-05-2017 - 10:19
Published 28-04-2017 - 06:59
Last modified 08-12-2017 - 21:29
Back to Top