CVE-2018-16884 vulnerability in Red Hat and Other Products
Published on December 18, 2018
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
NVD
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2018-16884 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2018-16884
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-16884 are published in these products:
Affected Versions
[UNKNOWN] kernel: Version n/a is affected by CVE-2018-16884Exploit Probability
EPSS
0.05%
Percentile
14.78%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.