(RHSA-2022:8400) Moderate: libtirpc security update

2022-11-1506:23:29

access.redhat.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.005 Low

EPSS

Percentile

76.4%

JSON

The libtirpc packages contain SunLib’s implementation of transport-independent remote procedure call (TI-RPC) documentation, which includes a library required by programs in the nfs-utils and rpcbind packages.

Security Fix(es):

libtirpc: DoS vulnerability with lots of connections (CVE-2021-46828)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9ppc64lelibtirpc-debuginfo< 1.3.3-0.el9libtirpc-debuginfo-1.3.3-0.el9.ppc64le.rpm
RedHat9i686libtirpc-debuginfo< 1.3.3-0.el9libtirpc-debuginfo-1.3.3-0.el9.i686.rpm
RedHat9i686libtirpc-debugsource< 1.3.3-0.el9libtirpc-debugsource-1.3.3-0.el9.i686.rpm
RedHat9x86_64libtirpc-debuginfo< 1.3.3-0.el9libtirpc-debuginfo-1.3.3-0.el9.x86_64.rpm
RedHat9i686libtirpc-devel< 1.3.3-0.el9libtirpc-devel-1.3.3-0.el9.i686.rpm
RedHat9x86_64libtirpc< 1.3.3-0.el9libtirpc-1.3.3-0.el9.x86_64.rpm
RedHat9ppc64lelibtirpc< 1.3.3-0.el9libtirpc-1.3.3-0.el9.ppc64le.rpm
RedHat9ppc64lelibtirpc-debugsource< 1.3.3-0.el9libtirpc-debugsource-1.3.3-0.el9.ppc64le.rpm
RedHat9s390xlibtirpc-debuginfo< 1.3.3-0.el9libtirpc-debuginfo-1.3.3-0.el9.s390x.rpm
RedHat9ppc64lelibtirpc-devel< 1.3.3-0.el9libtirpc-devel-1.3.3-0.el9.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	ppc64le	libtirpc-debuginfo	< 1.3.3-0.el9	libtirpc-debuginfo-1.3.3-0.el9.ppc64le.rpm
RedHat	9	i686	libtirpc-debuginfo	< 1.3.3-0.el9	libtirpc-debuginfo-1.3.3-0.el9.i686.rpm
RedHat	9	i686	libtirpc-debugsource	< 1.3.3-0.el9	libtirpc-debugsource-1.3.3-0.el9.i686.rpm
RedHat	9	x86_64	libtirpc-debuginfo	< 1.3.3-0.el9	libtirpc-debuginfo-1.3.3-0.el9.x86_64.rpm
RedHat	9	i686	libtirpc-devel	< 1.3.3-0.el9	libtirpc-devel-1.3.3-0.el9.i686.rpm
RedHat	9	x86_64	libtirpc	< 1.3.3-0.el9	libtirpc-1.3.3-0.el9.x86_64.rpm
RedHat	9	ppc64le	libtirpc	< 1.3.3-0.el9	libtirpc-1.3.3-0.el9.ppc64le.rpm
RedHat	9	ppc64le	libtirpc-debugsource	< 1.3.3-0.el9	libtirpc-debugsource-1.3.3-0.el9.ppc64le.rpm
RedHat	9	s390x	libtirpc-debuginfo	< 1.3.3-0.el9	libtirpc-debuginfo-1.3.3-0.el9.s390x.rpm
RedHat	9	ppc64le	libtirpc-devel	< 1.3.3-0.el9	libtirpc-devel-1.3.3-0.el9.ppc64le.rpm