2014-12-31
ALT-BU-2014-3190-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2015-10-01
BDU:2015-11539
Уязвимость сервера динамического назначения RPC-портов RPCbind, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
Published: 2015-10-01
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-7236
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- FEDORA-2015-36b145bd37
- FEDORA-2015-36b145bd37
- FEDORA-2015-9eee2fbc78
- FEDORA-2015-9eee2fbc78
- DSA-3366
- DSA-3366
- [oss-security] 20150917 CVE Request: remote triggerable use-after-free in rpcbind
- [oss-security] 20150917 CVE Request: remote triggerable use-after-free in rpcbind
- [oss-security] 20150917 Re: CVE Request: remote triggerable use-after-free in rpcbind
- [oss-security] 20150917 Re: CVE Request: remote triggerable use-after-free in rpcbind
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- 76771
- 76771
- 1033673
- 1033673
- [linux-nfs] 20150810 [PATCH] Fix memory corruption in PMAP_CALLIT code
- [linux-nfs] 20150810 [PATCH] Fix memory corruption in PMAP_CALLIT code
- USN-2756-1
- USN-2756-1
- FreeBSD-SA-15:24
- FreeBSD-SA-15:24
- GLSA-201611-17
- GLSA-201611-17
Package livecd-tmpfs updated to version 0.2-alt1 for branch sisyphus in task 137828.
Closed bugs
[live-builder] use tmpfs more extensively