A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.001}

epss

{'score': 0.00078}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-05T10:32:54.149Z

Reserved: 2018-09-11T00:00:00

Link: CVE-2018-16884

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-12-18T22:29:04.713

Modified: 2024-11-21T03:53:31.757

Link: CVE-2018-16884

cve-icon Redhat

Severity : Important

Publid Date: 2018-11-27T00:00:00Z

Links: CVE-2018-16884 - Bugzilla

cve-icon OpenCVE Enrichment

No data.