Описание
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
A denial of service (DoS) vulnerability was found in libtirpc. This flaw allows a remote attacker to exhaust the file descriptors of a process that uses libtirpc due to mishandling idle TCP connections. This issue leads to a svc_run infinite loop without accepting new connections.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libtirpc | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libtirpc | Out of support scope | ||
| Red Hat Enterprise Linux 8 | libtirpc | Fixed | RHBA-2022:2065 | 10.05.2022 |
| Red Hat Enterprise Linux 9 | libtirpc | Fixed | RHSA-2022:8400 | 15.11.2022 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file d ...
7.5 High
CVSS3