The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
Linux Kernel 6.x/5.15 LTS
Exploit
CVE-2017-7895
NVD
Refer to CVE-2017-7895 NVD advisory