Severity

Medium

Analysis Summary

An error within the “nfsd4_verify_copy()” function (fs/nfsd/nfs4proc.c) can be exploited to trigger a NULL pointer deference and subsequently crash the NFS server.

Impact

Denial of Service

Affected Vendors

Linux

Affected Products

• Linux Kernel 4.9.x
• Linux Kernel 4.14.x
• Linux Kernel 4.19.x

Remediation

Update to a fixed version.

Versions 4.19.x:

Update to version 4.19.3 or later.

Versions 4.14.x:

Update to version 4.14.82 or later.

Versions 4.9.x:

Update to version 4.9.138 or later.