Lucene search
K
Libtirpc ProjectLibtirpc

5 matches found

CVE
CVE
added 2017/05/04 2:0 p.m.398 views

CVE-2017-8779

CVE-2017-8779 affects rpcbind and its TI-RPC/libtirpc stack. The issue is an unbounded memory leak while parsing XDR strings, causing memory exhaustion and potential denial of service via crafted UDP traffic to port 111 (rpcbomb). Public advisories and vendor notes confirm the root cause in libti...

7.8CVSS7.4AI score0.81921EPSS
CVE
CVE
added 2022/07/20 12:0 a.m.379 views

CVE-2021-46828

CVE-2021-46828 – libtirpc is linked to a DoS in the RPC library where idle TCP connections are mishandled. This can exhaust a process’s file descriptors and cause an svc_run loop that stops accepting new connections. The vulnerability is tied to libtirpc versions before 1.3.3rc1. A fix is availab...

7.5CVSS7.3AI score0.02088EPSS
CVE
CVE
added 2018/08/30 1:0 p.m.240 views

CVE-2018-14622

libtirpc has a null-pointer dereference vulnerability (CVE-2018-14622) prior to version 0.3.3-rc3. The code path around makefd_xprt() does not always check return values, which can lead to a crash when the server hits the maximum number of file descriptors. A remote attacker could trigger a denia...

7.5CVSS7.2AI score0.03861EPSS
CVE
CVE
added 2018/08/30 1:0 p.m.87 views

CVE-2018-14621

CVE-2018-14621 : Infinite loop DoS in libtirpc prior to 1.0.2-rc2 due to an EMFILE handling issue when switching from select to poll. Exploitation could exhaust fds and cause server CPU exhaustion and denial of service; impact is availability. Affected component is the libtirpc library used by se...

7.8CVSS7.3AI score0.02262EPSS
CVE
CVE
added 2013/07/09 5:0 p.m.69 views

CVE-2013-1950

CVE-2013-1950 affects libtirpc up to version 0.2.3, where a crafted Sun RPC request can trigger a free of an invalid pointer, causing DoS (rpcbind crash). Public notes in connected advisories (RHEL, Oracle Linux, Amazon Linux, MiracleLinux, F5 SOL/K19157x) confirm the vulnerability and list a fix...

4.3CVSS5.2AI score0.0646EPSS