NVD

Id
27919  
Name
CVE-2015-7236  
Description
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2015-10-01  
Modified Date
2016-12-07  
Seq
2015-7236  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
146927 27919 CVE-2015-7236 FEDORA-2015-36b145bd37  View
146928 27919 CVE-2015-7236 FEDORA-2015-9eee2fbc78  View
146929 27919 CVE-2015-7236 DSA-3366  View
146930 27919 CVE-2015-7236 [oss-security] 20150917 CVE Request: remote triggerable use-after-free in rpcbind  View
146931 27919 CVE-2015-7236 [oss-security] 20150917 Re: CVE Request: remote triggerable use-after-free in rpcbind  View
146932 27919 CVE-2015-7236 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html  View
146933 27919 CVE-2015-7236 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html  View
146934 27919 CVE-2015-7236 76771  View
146935 27919 CVE-2015-7236 1033673  View
146936 27919 CVE-2015-7236 [linux-nfs] 20150810 [PATCH] Fix memory corruption in PMAP_CALLIT code  View
146937 27919 CVE-2015-7236 USN-2756-1  View
146938 27919 CVE-2015-7236 FreeBSD-SA-15:24  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
9725 JVNDB-2015-005045 rpcbind の rpcb_svc_com.c の xprt_set_caller におけるサービス運用妨害 (DoS) の脆弱性 rpcbind の rpcb_svc_com.c の xprt_set_caller には、解放済みメモリの使用 (Use-after-free) により、サービス運用妨害 (デーモンクラッシュ) 状態にされる脆弱性が存在します。 CVE-2015-7236 84461 CVE-2015-7236 27919 5 7.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-005045.html 2015-09-23 2016-05-31 View