Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 6 of 6 results

CVE-2021-46828

Medium priority

Some fixes available 3 of 6

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting...

2 affected packages

libtirpc, ntirpc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libtirpc Not affected Fixed Fixed Not affected Not affected
ntirpc Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2018-14621

Medium priority
Not affected

An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large...

1 affected packages

libtirpc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libtirpc Not affected Not affected
Show less packages

CVE-2018-14622

Medium priority
Fixed

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number...

1 affected packages

libtirpc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libtirpc Fixed Fixed
Show less packages

CVE-2017-8779

Medium priority

Some fixes available 5 of 17

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a...

3 affected packages

libtirpc, ntirpc, rpcbind

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libtirpc Not affected Not affected Not affected Not affected Fixed
ntirpc Not affected Not affected Not affected Not affected Vulnerable
rpcbind Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2016-4429

Low priority

Some fixes available 5 of 13

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of...

4 affected packages

eglibc, glibc, libtirpc, ntirpc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release
glibc Not affected Not affected Not affected Fixed
libtirpc Not affected Not affected Not affected Fixed
ntirpc Not affected Not affected Not affected Not affected
Show less packages

CVE-2013-1950

Medium priority
Ignored

The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.

2 affected packages

libtirpc, ntirpc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libtirpc Not affected Not affected Not affected Not affected
ntirpc Not affected Not affected Not affected Not affected
Show less packages