Описание
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
A null-pointer dereference vulnerability was found in libtirpc. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | libntirpc | Not affected | ||
| Red Hat Ceph Storage 3 | libntirpc | Not affected | ||
| Red Hat Enterprise Linux 6 | libtirpc | Will not fix | ||
| Red Hat Enterprise Linux 8 | libtirpc | Not affected | ||
| Red Hat OpenShift Enterprise 3 | libtirpc | Not affected | ||
| Red Hat Storage 3 | libntirpc | Not affected | ||
| Red Hat Virtualization 4 | libtirpc | Not affected | ||
| Red Hat Enterprise Linux 7 | libtirpc | Fixed | RHBA-2017:1991 | 01.08.2017 |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
A null-pointer dereference vulnerability was found in libtirpc before ...
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
Уязвимость функции makefd_xprt() библиотеки предоставления протокола RPC libtirpc, позволяющая нарушителю вызвать отказ в обслуживании
5.3 Medium
CVSS3