CVE-2018-1000028

NameCVE-2018-1000028
DescriptionLinux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the "rootsquash" options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)wheezy3.2.78-1fixed
wheezy (security)3.2.96-3fixed
jessie3.16.51-2fixed
jessie (security)3.16.51-3+deb8u1fixed
stretch4.9.65-3fixed
stretch (security)4.9.65-3+deb9u2fixed
buster4.14.13-1vulnerable
sid4.15.4-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsource(unstable)4.14.17-1
linuxsourcejessie(not affected)
linuxsourcestretch(not affected)
linuxsourcewheezy(not affected)

Notes

[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
Fixed by: https://git.kernel.org/linus/1995266727fa8143897e89b55f5d3c79aa828420
Introducing commit backported to 4.14.8 and 4.9.76. But Debian stretch
did never contain the vulnerable code alone without the fix.

Search for package or bug name: Reporting problems