Linux.Kernel.NFS.v2.v3.Malformed.Write.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure vulnerability in Linux NFSv2 and NFSv3 servers.
The vulnerability is due to improper validation of the end of a buffer when handling a crafted write request. A remote attacker can exploit this to gain unauthorized access to sensitive information.
Affected Products
Linux kernel 4.10.13 and earlier
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the latest update from the vendor
https://access.redhat.com/security/cve/cve-2017-7895
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |