redhat developer-tools CVE-2018-16871 vulnerability in Red Hat and Other Products
Published on July 30, 2019

product logo product logo product logo
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.


Products Associated with CVE-2018-16871

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-16871 are published in these products:

Red Hat Developer Tools
 
Linux Kernel
 
Red Hat Enterprise Linux (RHEL)
 
Red Hat Enterprise Linux Desktop
 
Red Hat Enterprise Linux Server
 
Red Hat Enterprise Linux Server Aus
 
Red Hat Enterprise Linux Server Eus
 
Red Hat Enterprise Linux Server Tus
 
Red Hat Enterprise Linux Workstation
 
Red Hat Mrg Realtime
 
Red Hat Enterprise Linux Eus
 
NetApp Cloud Backup
 

Affected Versions

Red Hat kernel: Version all 3.x, all 4.x up to 4.20 is affected by CVE-2018-16871

Exploit Probability

EPSS
1.53%
Percentile
81.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.