Bug 1443615 (CVE-2017-7645)
Summary: | CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | apmukher, aquini, bhu, dhoward, dominik.mierzejewski, fhrbata, gansalmon, hwkernel-mgr, iboverma, ichavero, itamar, jforbes, jkacur, jonathan, jross, jwboyer, kent, kernel-maint, kernel-mgr, labbott, lgoncalv, madhu.chinakonda, matt, mchehab, mcressma, nmurray, pholasek, plougher, ppandit, rt-maint, rvrbovsk, slawomir, slong, williams, yozone |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel, resulting in denial of service.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-08 03:10:46 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1442407, 1443617, 1447168, 1447640, 1447641, 1447642, 1447643, 1447644, 1447645, 1447646, 1447647 | ||
Bug Blocks: | 1443616 |
Description
Andrej Nemec
2017-04-19 14:45:10 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1443617] Statement: This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2 may address this issue. This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2017:1647 https://access.redhat.com/errata/RHSA-2017:1647 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1615 https://access.redhat.com/errata/RHSA-2017:1615 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1616 https://access.redhat.com/errata/RHSA-2017:1616 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1319 https://access.redhat.com/errata/RHSA-2018:1319 |