CVE-2015-7236
CVE-2015-7236 describes a use-after-free in rpcbind (xprt_set_caller in rpcb_svc_com.c) affecting rpcbind 0.2.1 and earlier. The vulnerability can be triggered by crafted PMAP_CALLIT packets over TCP/UDP, enabling a remote attacker to cause a denial-of-service (daemon crash). Connected sources do...