2 matches found
CVE-2021-46828
CVE-2021-46828 – libtirpc is linked to a DoS in the RPC library where idle TCP connections are mishandled. This can exhaust a process’s file descriptors and cause an svc_run loop that stops accepting new connections. The vulnerability is tied to libtirpc versions before 1.3.3rc1. A fix is availab...
CVE-2018-14622
libtirpc has a null-pointer dereference vulnerability (CVE-2018-14622) prior to version 0.3.3-rc3. The code path around makefd_xprt() does not always check return values, which can lead to a crash when the server hits the maximum number of file descriptors. A remote attacker could trigger a denia...