ASA-2018-00063 – FreeBSD: Missing sanity check in nfsrvd_compound()

Insufficient and improper checking in the NFS server code could cause a denial of service or possibly remote code execution via a specially crafted network packet. The function nfsrvd_compound() started statistics gathering for an operation before the operation number (the variable called "op") was sanity checked.

ASA-2018-00062 – FreeBSD: Missing validation in nfsrvd_readdirplus()

Insufficient and improper checking in the NFS server code could cause a denial of service or possibly remote code execution via a specially crafted network packet. Validation was missing for the dircount hint argument to NFSv3's ReaddirPlus and NFSv4's Readdir operations. The code checked for a zero argument, but did not check for a very large value. The patch clips dircount at the server's maximum data size.
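Both advisories involve a value taken from the request and used before it is bounded. The following is an added example, not FreeBSD source: a minimal C model of the two checks, with the operation number range-checked before any statistics slot is touched and the dircount hint clipped to a maximum. All names and limits (`MODEL_NOPS`, `MODEL_MAXDATA`, `stats_start_checked`, `clip_dircount`) are hypothetical, and mapping a zero hint to the maximum is this model's own choice.

```c
#include <stdint.h>
#include <stdio.h>

#define MODEL_NOPS    8u      /* hypothetical size of the per-operation table */
#define MODEL_MAXDATA 65536u  /* hypothetical server maximum data size */

static uint64_t op_calls[MODEL_NOPS];  /* per-operation statistics slots */

/* Range-check the wire-supplied operation number before it indexes anything.
 * Returns 0 if the call was counted, -1 if the operation number is rejected. */
int stats_start_checked(uint32_t op)
{
    if (op >= MODEL_NOPS)
        return -1;           /* reject first: no statistics slot is touched */
    op_calls[op]++;          /* safe: op is known to be in range */
    return 0;
}

/* Bound the client's dircount hint from both sides. Checking only for zero
 * lets a very large value through; here oversized hints are clipped too.
 * Treating zero as "use the maximum" is an assumption of this model. */
uint32_t clip_dircount(uint32_t dircount)
{
    if (dircount == 0 || dircount > MODEL_MAXDATA)
        return MODEL_MAXDATA;
    return dircount;
}

int main(void)
{
    /* Constructed inputs standing in for values decoded from a request. */
    const uint32_t ops[]   = { 3u, MODEL_NOPS, 0xffffffffu };
    const uint32_t hints[] = { 0u, 4096u, 0xffffffffu };

    for (unsigned i = 0; i < 3; i++) {
        int rc = stats_start_checked(ops[i]);
        printf("op %10u -> %s\n", (unsigned)ops[i],
               rc == 0 ? "counted" : "rejected");
        printf("dircount %10u -> %u\n", (unsigned)hints[i],
               (unsigned)clip_dircount(hints[i]));
    }
    return 0;
}
```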