SB2015093003 - Use-after-free in rpcbind (Alpine package)
Published: September 30, 2015
Security Bulletin ID
SB2015093003
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2015-7236)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to use-after-free error in xprt_set_caller() function in rpcb_svc_com.c in rpcbind 0.2.1 and earlier. A remote attacker can cause a denial of service (daemon crash) via specially crafted packets that involve PMAP_CALLIT code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=3e2cb134319f31ba0b311f2e7ee5770f74fb1f5d
- https://git.alpinelinux.org/aports/commit/?id=48037a938246734e8c137817a9658d534571cd0d
- https://git.alpinelinux.org/aports/commit/?id=dc8c84b12bbcb39866abb39dae0ddd35d837c5e5
- https://git.alpinelinux.org/aports/commit/?id=9d6f28e9313b1f9f0f7762a082d89d7791144e8e
- https://git.alpinelinux.org/aports/commit/?id=5a370e0dae70e7637003886ad405441fc051831b