CVE-2018-1000028

N/A

Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the "rootsquash" options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa.

N/A

N/A

Linux kernel NFS server（nfsd）安全漏洞

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。NFS server（nfsd）是其中的一个网络文件系统服务器。 Linux kernel commit 1995266727fa之前版本中的NFS server（nfsd）存在安全漏洞。远程攻击者可借助NFS利用该漏洞读取或写入文件。

N/A

N/A