In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libtirpc-common", "binary_version": "1.2.5-1ubuntu0.1" }, { "binary_name": "libtirpc-dev", "binary_version": "1.2.5-1ubuntu0.1" }, { "binary_name": "libtirpc3", "binary_version": "1.2.5-1ubuntu0.1" }, { "binary_name": "libtirpc3-dbgsym", "binary_version": "1.2.5-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libtirpc-common", "binary_version": "1.3.2-2ubuntu0.1" }, { "binary_name": "libtirpc-dev", "binary_version": "1.3.2-2ubuntu0.1" }, { "binary_name": "libtirpc3", "binary_version": "1.3.2-2ubuntu0.1" }, { "binary_name": "libtirpc3-dbgsym", "binary_version": "1.3.2-2ubuntu0.1" } ] }