Synopsis: Moderate: rpcbind security update
Advisory ID: SLSA-2016:0005-1
Issue Date: 2016-01-07
CVE Numbers: CVE-2015-7236
—
A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP
connections was discovered in rpcbind. A remote attacker could possibly
exploit this flaw to crash the rpcbind service by performing a series of
UDP and TCP calls. (CVE-2015-7236)
If the rpcbind service is running, it will be automatically restarted
after installing this update.
—
SL6
x86_64
rpcbind-0.2.0-11.el6_7.x86_64.rpm
rpcbind-debuginfo-0.2.0-11.el6_7.x86_64.rpm
i386
rpcbind-0.2.0-11.el6_7.i686.rpm
rpcbind-debuginfo-0.2.0-11.el6_7.i686.rpm
SL7
x86_64
rpcbind-0.2.0-33.el7_2.x86_64.rpm
rpcbind-debuginfo-0.2.0-33.el7_2.x86_64.rpm
– Scientific Linux Development Team
