Your submission was sent successfully! Close

CVE-2015-7236

Published: 18 September 2015

Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
rpcbind
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr)
Released (0.2.1-2ubuntu2.2)
Patches:
Other: http://www.spinics.net/lists/linux-nfs/msg53045.html