CVE-2018-17157
published 2018-12-04

Priority: P262 · critical · 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 24.17% (97.6th percentile)
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code.

Affected

3 ranges
Vendor    Product   Version range   Fixed in
freebsd   freebsd   < 11.2          11.2
freebsd   freebsd
freebsd   freebsd

Detection & IOCs (extracted from sources)

port: 2049
  • Monitor for specially crafted NFSv4 requests triggering integer overflow in opcode handling, which may indicate exploitation attempts against the NFS server.
  • Unprivileged remote users with NFS access can trigger the vulnerability; monitor for unexpected NFS connections from untrusted or unauthenticated clients on port 2049.
  • Alert on NFS server crashes or unexpected reboots, which may indicate denial-of-service exploitation of this vulnerability.
  • Systems that do not provide NFS services are not vulnerable; scope detection efforts to NFS-serving hosts only.
  • No workaround is available beyond firewall-based access restriction to NFS port 2049; patching to 11.2-STABLE (r340854) or 11.2-RELEASE-p5 (r341088) is required.

CVSS provenance

nvd   v3.0   9.8    CRITICAL   CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd   v2.0   10.0   CRITICAL   AV:N/AC:L/Au:N/C:C/I:C/A:C