Vulnerability Details : CVE-2015-7236
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2015-7236
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:a:rpcbind_project:rpcbind:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-7236
4.88%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-7236
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
References for CVE-2015-7236
-
http://www.securityfocus.com/bid/76771
rpcbind 'rpcb_svc_com.c' Remote Memory Corruption Vulnerability
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3
-
http://www.openwall.com/lists/oss-security/2015/09/17/6
oss-security - Re: CVE Request: remote triggerable use-after-free in rpcbind
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172152.html
[SECURITY] Fedora 22 Update: rpcbind-0.2.3-0.3.fc22
-
http://www.securitytracker.com/id/1033673
Rpcbind Pointer Error Lets Remote Users Cause the Target Service to Crash - SecurityTracker
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171030.html
[SECURITY] Fedora 23 Update: rpcbind-0.2.3-0.4.fc23
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-15:24.rpcbind.asc
-
http://www.openwall.com/lists/oss-security/2015/09/17/1
oss-security - CVE Request: remote triggerable use-after-free in rpcbind
-
http://www.debian.org/security/2015/dsa-3366
Debian -- Security Information -- DSA-3366-1 rpcbind
-
http://www.ubuntu.com/usn/USN-2756-1
USN-2756-1: rpcbind vulnerability | Ubuntu security notices
-
http://www.spinics.net/lists/linux-nfs/msg53045.html
[PATCH] Fix memory corruption in PMAP_CALLIT code — Linux NFS
-
https://security.gentoo.org/glsa/201611-17
RPCBind: Denial of Service (GLSA 201611-17) — Gentoo security
Jump to