{
  "threat_severity" : "Important",
  "public_date" : "2017-04-14T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: nfsd: Incorrect handling of long RPC replies",
    "id" : "1443615",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1443615"
  },
  "cvss" : {
    "cvss_base_score" : "7.1",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-130",
  "details" : [ "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.", "The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel, resulting in denial of service." ],
  "statement" : "This issue affects the versions of the Linux kernel as shipped with\nRed Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel\nupdates for Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2 may\naddress this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2018-05-08T00:00:00Z",
    "advisory" : "RHSA-2018:1319",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-696.28.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-06-28T00:00:00Z",
    "advisory" : "RHSA-2017:1616",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-514.26.1.rt56.442.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-06-28T00:00:00Z",
    "advisory" : "RHSA-2017:1615",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-514.26.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2017-06-28T00:00:00Z",
    "advisory" : "RHSA-2017:1647",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-1:3.10.0-514.rt56.228.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-7645\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7645" ],
  "name" : "CVE-2017-7645",
  "csaw" : false
}