CVE-2021-46828
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-46828
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46828.json
- Related
- Published
- 2022-07-20T06:15:07Z
- Modified
- 2023-11-29T09:08:38.535691Z
- Details
-
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
- References
-
- https://security.gentoo.org/glsa/202210-33
- https://security.netapp.com/advisory/ntap-20221007-0004/
- https://www.debian.org/security/2022/dsa-5200
- https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html
- http://git.linux-nfs.org/?p=steved/libtirpc.git%3Ba=commit%3Bh=86529758570cef4c73fb9b9c4104fdc510f701ed
Affected packages
Alpine:v3.13 / libtirpc
Package
- Name
- libtirpc
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.3.1-r1
Affected versions
0.*
0.2.1-r0
0.2.1-r1
0.2.1-r2
0.2.1-r3
0.2.1-r4
0.2.2-r0
0.2.2-r1
0.2.2-r2
0.2.2-r3
0.2.3-r0
0.2.3-r1
0.2.4-r0
0.2.4-r1
0.2.4-r2
0.2.4-r3
0.2.5-r0
0.2.5-r1
0.2.5-r2
0.2.5-r3
0.3.0-r0
0.3.0-r1
0.3.1-r0
0.3.1-r1
0.3.2-r0
0.3.2-r1
0.3.2-r2
1.*
1.0.1-r0
1.0.1-r1
1.0.1-r2
1.0.3-r0
1.1.4-r0
1.2.5-r0
1.2.5-r1
1.2.5-r2
1.2.5-r3
1.2.6-r3
Alpine:v3.14 / libtirpc
Package
- Name
- libtirpc
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.3.2-r1
Affected versions
0.*
0.2.1-r0
0.2.1-r1
0.2.1-r2
0.2.1-r3
0.2.1-r4
0.2.2-r0
0.2.2-r1
0.2.2-r2
0.2.2-r3
0.2.3-r0
0.2.3-r1
0.2.4-r0
0.2.4-r1
0.2.4-r2
0.2.4-r3
0.2.5-r0
0.2.5-r1
0.2.5-r2
0.2.5-r3
0.3.0-r0
0.3.0-r1
0.3.1-r0
0.3.1-r1
0.3.2-r0
0.3.2-r1
0.3.2-r2
1.*
1.0.1-r0
1.0.1-r1
1.0.1-r2
1.0.3-r0
1.1.4-r0
1.2.5-r0
1.2.5-r1
1.2.5-r2
1.2.5-r3
1.2.6-r3
1.3.1-r3
Alpine:v3.15 / libtirpc
Package
- Name
- libtirpc
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.3.2-r1
Affected versions
0.*
0.2.1-r0
0.2.1-r1
0.2.1-r2
0.2.1-r3
0.2.1-r4
0.2.2-r0
0.2.2-r1
0.2.2-r2
0.2.2-r3
0.2.3-r0
0.2.3-r1
0.2.4-r0
0.2.4-r1
0.2.4-r2
0.2.4-r3
0.2.5-r0
0.2.5-r1
0.2.5-r2
0.2.5-r3
0.3.0-r0
0.3.0-r1
0.3.1-r0
0.3.1-r1
0.3.2-r0
0.3.2-r1
0.3.2-r2
1.*
1.0.1-r0
1.0.1-r1
1.0.1-r2
1.0.3-r0
1.1.4-r0
1.2.5-r0
1.2.5-r1
1.2.5-r2
1.2.5-r3
1.2.6-r3
1.3.1-r3
Alpine:v3.16 / libtirpc
Package
- Name
- libtirpc
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.3.2-r1
Affected versions
0.*
0.2.1-r0
0.2.1-r1
0.2.1-r2
0.2.1-r3
0.2.1-r4
0.2.2-r0
0.2.2-r1
0.2.2-r2
0.2.2-r3
0.2.3-r0
0.2.3-r1
0.2.4-r0
0.2.4-r1
0.2.4-r2
0.2.4-r3
0.2.5-r0
0.2.5-r1
0.2.5-r2
0.2.5-r3
0.3.0-r0
0.3.0-r1
0.3.1-r0
0.3.1-r1
0.3.2-r0
0.3.2-r1
0.3.2-r2
1.*
1.0.1-r0
1.0.1-r1
1.0.1-r2
1.0.3-r0
1.1.4-r0
1.2.5-r0
1.2.5-r1
1.2.5-r2
1.2.5-r3
1.2.6-r3
1.3.1-r3
Alpine:v3.17 / libtirpc
Package
- Name
- libtirpc
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.3.2-r2
Affected versions
0.*
0.2.1-r0
0.2.1-r1
0.2.1-r2
0.2.1-r3
0.2.1-r4
0.2.2-r0
0.2.2-r1
0.2.2-r2
0.2.2-r3
0.2.3-r0
0.2.3-r1
0.2.4-r0
0.2.4-r1
0.2.4-r2
0.2.4-r3
0.2.5-r0
0.2.5-r1
0.2.5-r2
0.2.5-r3
0.3.0-r0
0.3.0-r1
0.3.1-r0
0.3.1-r1
0.3.2-r0
0.3.2-r1
0.3.2-r2
1.*
1.0.1-r0
1.0.1-r1
1.0.1-r2
1.0.3-r0
1.1.4-r0
1.2.5-r0
1.2.5-r1
1.2.5-r2
1.2.5-r3
1.2.6-r0
1.3.1-r0
1.3.2-r0
1.3.2-r1
Alpine:v3.18 / libtirpc
Package
- Name
- libtirpc
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.3.2-r2
Affected versions
0.*
0.2.1-r0
0.2.1-r1
0.2.1-r2
0.2.1-r3
0.2.1-r4
0.2.2-r0
0.2.2-r1
0.2.2-r2
0.2.2-r3
0.2.3-r0
0.2.3-r1
0.2.4-r0
0.2.4-r1
0.2.4-r2
0.2.4-r3
0.2.5-r0
0.2.5-r1
0.2.5-r2
0.2.5-r3
0.3.0-r0
0.3.0-r1
0.3.1-r0
0.3.1-r1
0.3.2-r0
0.3.2-r1
0.3.2-r2
1.*
1.0.1-r0
1.0.1-r1
1.0.1-r2
1.0.3-r0
1.1.4-r0
1.2.5-r0
1.2.5-r1
1.2.5-r2
1.2.5-r3
1.2.6-r0
1.3.1-r0
1.3.2-r0
1.3.2-r1