J. Bruce Fields

6 exploits Active since Nov 2005
CVE-2017-8797 WRITEUP HIGH
Linux Kernel < 4.11.3 - Denial of Service via NFSv4 pNFS GETDEVICEINFO or LAYOUTGET Operand
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system.
CVSS 7.5
CVE-2017-7645 WRITEUP HIGH
Linux Kernel <= 4.10.11 - Denial of Service via Long NFSv2/NFSv3 RPC Reply
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
CVSS 7.5
CVE-2017-7895 WRITEUP CRITICAL
Linux Kernel < 3.2.89 - Buffer Overflow in NFSv2 and NFSv3 Server
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
CVSS 9.8
CVE-2017-9059 WRITEUP MEDIUM
Linux Kernel < 4.11.1 - Denial of Service via NFSv4 Channel Callback Shutdown
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak.
CVSS 5.5
CVE-2005-3807 EXPLOITDB c WORKING POC
Linux Kernel 2.6.10-2.6.15 - Denial of Service via VFS File Lease Handling
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.