Description: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7645 https://marc.info/?l=linux-nfs&m=149218228327497&w=2 https://marc.info/?l=linux-nfs&m=149247516212924&w=2 Notes: carnil> afaict the issue for which CVE-2017-7645 was assigned carnil> is fixed with e6838a29ecb484c97e4efef9429643b9851fba6e carnil> but I think carnil> db44bac41bbfc0c0d9dd943092d8bded3c9db19b (nfsd4: minor carnil> NFSv2/v3 write decoding cleanup) and the following carnil> 13bf9fbff0e5e099e2b6f003a0ab8ae145436309 (nfsd: stricter carnil> decoding of write-like NFSv2/v3 ops) should be applied carnil> as well (should the last commit get a separate CVE id?) carnil> 13bf9fbff0e5e099e2b6f003a0ab8ae145436309 got a separate carnil> CVE: CVE-2017-7895 Bugs: upstream: released (4.11) [e6838a29ecb484c97e4efef9429643b9851fba6e] 4.9-upstream-stable: released (4.9.26) [fc6445df466f37291a70937642068bda78802a5b] 3.16-upstream-stable: released (3.16.44) [1d4ab03084d4bace93b1573c57a309e954d05c09] 3.2-upstream-stable: released (3.2.89) [1eb3e42d91d63fc757a8da38683f417bcdf953a2] sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch] 4.9-stretch-security: N/A "Fixed before branching point" 3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch] 3.2-wheezy-security: released (3.2.89-1)