Integer Overflow Vulnerability in FreeBSD NFSv4 Request Handling

Integer Overflow Vulnerability in FreeBSD NFSv4 Request Handling

CVE-2018-17157 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code.

Learn more about our Cis Benchmark Audit For Server Software.