Skip to main content

Libnfs CVE-2026-57918

| EUVDEUVD-2026-39647 HIGH
Integer Underflow (CWE-191)
2026-06-26 mitre GHSA-27p2-fpv6-cj8c
7.1
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
7.1 HIGH
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
SUSE
HIGH
qualitative

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low

Lifecycle Timeline

3
Patch available
Jun 26, 2026 - 12:02 EUVD
Source Code Evidence Fetched
Jun 26, 2026 - 11:21 vuln.today
Analysis Generated
Jun 26, 2026 - 11:21 vuln.today

DescriptionCVE.org

libnfs through 6.0.2 before f0b109d has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker.

AnalysisAI

Client-side memory-safety failure in libnfs (through 6.0.2, fixed by commit f0b109d/935b8db) lets a malicious or compromised NFS server trigger an unsigned integer underflow in the RPC record-marker handling of rpc_read_from_socket(). When a victim application using libnfs connects to a crafted server, the server can supply a record marker whose declared xid/pdu length is smaller than the size libnfs expects to read, wrapping the length value and driving an oversized READ_IOVEC read with corresponding heap memory disclosure or corruption. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Recommended ActionAI

Within 24 hours: Identify all systems and applications using libnfs through version 6.0.2; map which systems initiate NFS connections to external or untrusted endpoints. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Not-Affected
SUSE Linux Enterprise Module for Basesystem 15 SP7 Not-Affected
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Not-Affected
SUSE Linux Enterprise Server 15 SP7 Not-Affected

Share

CVE-2026-57918 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy