CVE 2017-7895
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
Related bugs and status
CVE-2017-7895 (Candidate) is related to these bugs:
Bug #1690094: linux <3.18: netlink notification is missing when an interface is modified
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1690094 | linux <3.18: netlink notification is missing when an interface is modified | linux (Ubuntu) | Medium | Fix Released | ||
| 1690094 | linux <3.18: netlink notification is missing when an interface is modified | linux (Ubuntu Trusty) | Medium | Fix Released | ||
Bug #1696436: arm64: 'reboot' doesn't work, needs to pull the plug
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1696436 | arm64: 'reboot' doesn't work, needs to pull the plug | linux-raspi2 (Ubuntu) | Undecided | New | ||
| 1696436 | arm64: 'reboot' doesn't work, needs to pull the plug | linux-raspi2 (Ubuntu Yakkety) | Medium | Fix Released | ||
Bug #1696445: OpenPower: Some multipaths temporarily have only a single path
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1696445 | OpenPower: Some multipaths temporarily have only a single path | linux (Ubuntu) | Undecided | Fix Released | ||
| 1696445 | OpenPower: Some multipaths temporarily have only a single path | The Ubuntu-power-systems project | Undecided | Fix Released | ||
| 1696445 | OpenPower: Some multipaths temporarily have only a single path | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
| 1696445 | OpenPower: Some multipaths temporarily have only a single path | linux (Ubuntu Zesty) | Medium | Fix Released | ||
| 1696445 | OpenPower: Some multipaths temporarily have only a single path | linux (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1697053: Missing IOTLB flush causes DMAR errors with SR-IOV
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1697053 | Missing IOTLB flush causes DMAR errors with SR-IOV | linux (Ubuntu) | Undecided | Confirmed | ||
| 1697053 | Missing IOTLB flush causes DMAR errors with SR-IOV | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
Bug #1698264: Processes in "D" state due to zap_pid_ns_processes kernel call with Ubuntu + Docker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1698264 | Processes in "D" state due to zap_pid_ns_processes kernel call with Ubuntu + Docker | linux (Ubuntu) | Medium | Fix Released | ||
| 1698264 | Processes in "D" state due to zap_pid_ns_processes kernel call with Ubuntu + Docker | linux (Ubuntu Zesty) | Medium | Fix Released | ||
| 1698264 | Processes in "D" state due to zap_pid_ns_processes kernel call with Ubuntu + Docker | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
| 1698264 | Processes in "D" state due to zap_pid_ns_processes kernel call with Ubuntu + Docker | linux (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1699651: KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1699651 | KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device | linux (Ubuntu) | Undecided | Fix Released | ||
| 1699651 | KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device | HWE Next | Undecided | Fix Released | ||
| 1699651 | KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1699651 | KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
| 1699651 | KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device | linux (Ubuntu Yakkety) | Undecided | Fix Released | ||
Bug #1701019: linux: 4.8.0-59.64 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1701019 | linux: 4.8.0-59.64 -proposed tracker | linux (Ubuntu Yakkety) | Undecided | Fix Released | ||
Bug #1701020: linux-raspi2: 4.8.0-1043.47 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | linux-raspi2 (Ubuntu) | Undecided | Invalid | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1701020 | linux-raspi2: 4.8.0-1043.47 -proposed tracker | linux-raspi2 (Ubuntu Yakkety) | Undecided | Fix Released | ||
Bug #1701042: linux: 3.13.0-125.174 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Incomplete | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Confirmed | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | In Progress | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | New | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | New | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | In Progress | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Confirmed | ||
| 1701042 | linux: 3.13.0-125.174 -proposed tracker | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
Bug #1703396: linux: 3.13.0-125.174 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1703396 | linux: 3.13.0-125.174 -proposed tracker | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
Bug #1703401: NULL pointer dereference triggered by openvswitch autopkg testcase
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1703401 | NULL pointer dereference triggered by openvswitch autopkg testcase | linux (Ubuntu) | Undecided | Fix Released | ||
| 1703401 | NULL pointer dereference triggered by openvswitch autopkg testcase | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
