CVE-2018-14622

7.5HIGH

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server

Veröffentlicht: 8/30/2018Aktualisiert: 11/21/2024
Auf NVD ansehenAuf MITRE ansehen

Beschreibung

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.

KI-AnalyseKI-gestützt

Betroffene Produkte

libtirpc_projectlibtirpc
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
debiandebian_linux
8.0
redhatenterprise_linux
7.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_eus
7.4
redhatenterprise_linux_server_eus
7.5
redhatenterprise_linux_server_eus
7.6
redhatenterprise_linux_workstation
7.0

Referenzen