CVE

CVE-2015-9265

CVE-2015-9265

An issue was discovered in libtirpc before 1.0.1 allowing for remote crash of RPC services. Due to a missing check of the return value for NULL within makefd_xprt(), the rendezvous_request() function in svc_vc.c might perform a NULL pointer dereference and hence crash the application resulting in a denial of service in situations where file descriptors are exhausted (i.e., fd >= FD_SETSIZE).

Source: CVE-2015-9265

Exit mobile version