CVE-2015-7236

NameCVE-2015-7236
DescriptionUse-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-311-1, DSA-3366-1
NVD severitymedium (attack range: remote)
Debian Bugs799307

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
rpcbind (PTS)wheezy0.2.0-8+deb7u1fixed
wheezy (security)0.2.0-8+deb7u2fixed
jessie (security), jessie0.2.1-6+deb8u2fixed
buster, sid, stretch0.2.3-0.6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
rpcbindsource(unstable)0.2.1-6.1medium799307
rpcbindsourcejessie0.2.1-6+deb8u1mediumDSA-3366-1
rpcbindsourcesqueeze0.2.0-4.1+deb6u1mediumDLA-311-1
rpcbindsourcewheezy0.2.0-8+deb7u1mediumDSA-3366-1

Notes

https://bugzilla.suse.com/show_bug.cgi?id=946204
http://www.spinics.net/lists/linux-nfs/msg53045.html
http://www.openwall.com/lists/oss-security/2015/09/17/1

Search for package or bug name: Reporting problems