CVE-2003-0619
published 2003-08-27CVE-2003-0619: Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel…
PriorityP422medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.88%
95.3th percentile
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 2.4.21 | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2003-07-29·CVSS 5.0
CVE-2003-0619 [MEDIUM] security flaw
security flaw
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
GHSA
GHSA-j55c-jm95-hcr6: Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6
ghsa_unreviewed·2022-05-03·CVSS 5.0
CVE-2003-0576 [MEDIUM] GHSA-j55c-jm95-hcr6: Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6
Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.
GHSA
GHSA-jmh6-8478-qrf8: Integer signedness error in the decode_fh function of nfs3xdr
ghsa_unreviewed·2022-04-29
CVE-2003-0619 [MEDIUM] GHSA-jmh6-8478-qrf8: Integer signedness error in the decode_fh function of nfs3xdr
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
No detection rules found.
http://marc.info/?l=bugtraq&m=105950927708272&w=2http://www.debian.org/security/2004/dsa-358http://www.redhat.com/support/errata/RHSA-2003-198.htmlhttp://www.redhat.com/support/errata/RHSA-2003-239.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A386http://marc.info/?l=bugtraq&m=105950927708272&w=2http://www.debian.org/security/2004/dsa-358http://www.redhat.com/support/errata/RHSA-2003-198.htmlhttp://www.redhat.com/support/errata/RHSA-2003-239.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A386
2003-08-27
Published