Vulnerabilities in rpcbind and libtirpc
This one had passed me by. CVE-2017-8779: rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, [ and NTIRPC through 1.4.3 ] do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.
Patches for rpcbind and libtirpc at https://github.com/guidovranken/rpcbomb - I see that both Fedora and Arch seem to be using these. The rpcbind part can probably be done by a sed.
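The bug class the CVE text describes, as an added illustration in C (not code from rpcbind, libtirpc or the rpcbomb repository): an XDR string is a 4-byte big-endian length followed by the bytes padded to a multiple of 4, and the vulnerable pattern sizes its allocation from that wire length alone, so a crafted length near 0xFFFFFFFF costs about 4 GiB per datagram and the failed body read then returns without freeing. The checked form bounds the length by a per-message cap and by the bytes actually received before calling malloc. The 8800-byte cap, the function names and the constructed datagrams are assumptions for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative only; not the rpcbind or libtirpc implementation. */
enum xdr_status { XDR_OK = 0, XDR_ERR_SHORT = 1, XDR_ERR_TOOBIG = 2, XDR_ERR_NOMEM = 3 };

/* Assumed cap for the example; the real limit depends on transport and build. */
#define EXAMPLE_MAX_RPC_DATA 8800u

/* XDR pads opaque data and strings to a 4-byte boundary. */
#define XDR_RNDUP(n) (((size_t)(n) + 3u) & ~(size_t)3u)

/* Bytes the vulnerable decoder allocated and never freed, exposed so it can be measured. */
size_t g_leaked_bytes = 0;

static uint32_t xdr_get_u32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Vulnerable pattern: malloc(len + 1) as soon as the length is read, before checking
 * that the datagram can hold len bytes; the short read fails and buf is leaked. */
enum xdr_status xdr_string_vulnerable(const unsigned char *msg, size_t msglen, char **out) {
    *out = NULL;
    if (msglen < 4) return XDR_ERR_SHORT;
    uint32_t len = xdr_get_u32(msg);
    char *buf = malloc((size_t)len + 1);          /* sized by attacker-controlled len */
    if (buf == NULL) return XDR_ERR_NOMEM;
    if (msglen - 4 < XDR_RNDUP(len)) {
        g_leaked_bytes += (size_t)len + 1;        /* bug: returns without free(buf) */
        return XDR_ERR_SHORT;
    }
    memcpy(buf, msg + 4, len);
    buf[len] = '\0';
    *out = buf;
    return XDR_OK;
}

/* Checked pattern: reject before allocating if len exceeds the cap or cannot fit in
 * the bytes received, so no failure path leaves memory behind. */
enum xdr_status xdr_string_checked(const unsigned char *msg, size_t msglen,
                                   size_t max_rpc_data, char **out) {
    *out = NULL;
    if (msglen < 4) return XDR_ERR_SHORT;
    uint32_t len = xdr_get_u32(msg);
    if (len > max_rpc_data) return XDR_ERR_TOOBIG;          /* cap independent of datagram */
    if (msglen - 4 < XDR_RNDUP(len)) return XDR_ERR_SHORT;  /* body not present */
    char *buf = malloc((size_t)len + 1);
    if (buf == NULL) return XDR_ERR_NOMEM;
    memcpy(buf, msg + 4, len);
    buf[len] = '\0';
    *out = buf;
    return XDR_OK;
}

/* Build a constructed datagram: claimed length, then body padded to 4 bytes. claimed
 * may disagree with body_len to craft a malicious message. Returns bytes written. */
size_t build_xdr_string(uint32_t claimed, const unsigned char *body, size_t body_len,
                        unsigned char *buf, size_t bufsize) {
    size_t need = 4 + XDR_RNDUP(body_len);
    if (bufsize < need) return 0;
    buf[0] = (unsigned char)(claimed >> 24);
    buf[1] = (unsigned char)(claimed >> 16);
    buf[2] = (unsigned char)(claimed >> 8);
    buf[3] = (unsigned char)claimed;
    if (body_len) memcpy(buf + 4, body, body_len);
    memset(buf + 4 + body_len, 0, XDR_RNDUP(body_len) - body_len);
    return need;
}

int main(void) {
    unsigned char pkt[64];
    char *s = NULL;
    /* Legitimate 5-byte string. */
    size_t n = build_xdr_string(5, (const unsigned char *)"hello", 5, pkt, sizeof pkt);
    if (xdr_string_checked(pkt, n, EXAMPLE_MAX_RPC_DATA, &s) == XDR_OK) {
        printf("checked: \"%s\"\n", s);
        free(s);
    }
    /* Crafted: claims 16 MiB (kept small for the demo) with no body at all. */
    n = build_xdr_string(0x01000000u, NULL, 0, pkt, sizeof pkt);
    int c = xdr_string_checked(pkt, n, EXAMPLE_MAX_RPC_DATA, &s);
    int v = xdr_string_vulnerable(pkt, n, &s);
    printf("checked status %d (2 = too big, nothing allocated)\n", c);
    printf("vulnerable status %d, leaked %zu bytes\n", v, g_leaked_bytes);
    return 0;
}
```

The checked decoder performs both tests because they catch different things: the cap rejects absurd lengths regardless of message size, and the remaining-bytes test rejects a length that is under the cap but still larger than the datagram, which would otherwise read past the buffer.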