Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 16.04 ESM: 4986-2 Critical: Rpcbind Denial Of Service

ubuntu
Calendar Grey June 9, 2021
Dist Ubuntu Esm H88
The Ubuntu USN-4986-2 notice pertains to a vulnerability in rpcbind, which could result in a denial of service when subjected to specially designed traffic.
rpcbind could be made to consume resources and crash if it received specially crafted network traffic.

Summary

rpcbind could be made to consume resources and crash if it received

specially crafted network traffic.

Software Description:

- rpcbind: converts RPC program numbers into universal addresses

Details:

USN-4986-1 fixed a vulnerability in rpcbind. This update provides

the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that rpcbind incorrectly handled certain large data

sizes. A remote attacker could use this issue to cause rpcbind to consume

resources, leading to a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  rpcbind                         0.2.3-0.2ubuntu0.16.04.1+esm1

Ubuntu 14.04 ESM:
  rpcbind                         0.2.1-2ubuntu2.2+esm1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4986-2

https://ubuntu.com/security/notices/USN-4986-1

CVE-2017-8779

Severity
critical
Lowest
Low
Medium
High
Critical

June 09, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here