{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-05-04T00:00:00", "descriptions": [{"lang": "en", "value": "rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-06T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-3759-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3759-2/"}, {"name": "RHSA-2017:1267", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1267"}, {"name": "USN-3759-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3759-1/"}, {"name": "RHSA-2017:1262", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1262"}, {"tags": ["x_refsource_MISC"], "url": "https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/"}, {"name": "RHSA-2017:1268", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1268"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/drbothen/GO-RPCBOMB"}, {"name": "RHBA-2017:1497", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2017:1497"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/guidovranken/rpcbomb/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20180109-0001/"}, {"name": "GLSA-201706-07", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201706-07"}, {"name": "1038532", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038532"}, {"name": "98325", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98325"}, {"tags": ["x_refsource_MISC"], "url": "http://openwall.com/lists/oss-security/2017/05/03/12"}, {"tags": ["x_refsource_MISC"], "url": "http://openwall.com/lists/oss-security/2017/05/04/1"}, {"name": "RHSA-2017:1395", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1395"}, {"name": "RHSA-2017:1263", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1263"}, {"name": "41974", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/41974/"}, {"name": "DSA-3845", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3845"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8779", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-3759-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3759-2/"}, {"name": "RHSA-2017:1267", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1267"}, {"name": "USN-3759-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3759-1/"}, {"name": "RHSA-2017:1262", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1262"}, {"name": "https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/", "refsource": "MISC", "url": "https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/"}, {"name": "RHSA-2017:1268", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1268"}, {"name": "https://github.com/drbothen/GO-RPCBOMB", "refsource": "MISC", "url": "https://github.com/drbothen/GO-RPCBOMB"}, {"name": "RHBA-2017:1497", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2017:1497"}, {"name": "https://github.com/guidovranken/rpcbomb/", "refsource": "MISC", "url": "https://github.com/guidovranken/rpcbomb/"}, {"name": "https://security.netapp.com/advisory/ntap-20180109-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180109-0001/"}, {"name": "GLSA-201706-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-07"}, {"name": "1038532", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038532"}, {"name": "98325", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98325"}, {"name": "http://openwall.com/lists/oss-security/2017/05/03/12", "refsource": "MISC", "url": "http://openwall.com/lists/oss-security/2017/05/03/12"}, {"name": "http://openwall.com/lists/oss-security/2017/05/04/1", "refsource": "MISC", "url": "http://openwall.com/lists/oss-security/2017/05/04/1"}, {"name": "RHSA-2017:1395", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1395"}, {"name": "RHSA-2017:1263", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1263"}, {"name": "41974", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41974/"}, {"name": "DSA-3845", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3845"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:48:22.685Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3759-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3759-2/"}, {"name": "RHSA-2017:1267", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1267"}, {"name": "USN-3759-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3759-1/"}, {"name": "RHSA-2017:1262", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1262"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/"}, {"name": "RHSA-2017:1268", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1268"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/drbothen/GO-RPCBOMB"}, {"name": "RHBA-2017:1497", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2017:1497"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/guidovranken/rpcbomb/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20180109-0001/"}, {"name": "GLSA-201706-07", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201706-07"}, {"name": "1038532", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038532"}, {"name": "98325", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/98325"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2017/05/03/12"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2017/05/04/1"}, {"name": "RHSA-2017:1395", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1395"}, {"name": "RHSA-2017:1263", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1263"}, {"name": "41974", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/41974/"}, {"name": "DSA-3845", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3845"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-8779", "datePublished": "2017-05-04T14:00:00", "dateReserved": "2017-05-04T00:00:00", "dateUpdated": "2024-08-05T16:48:22.685Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rpcbind_project:rpcbind:*:*:*:*:*:*:*:*", "matchCriteriaId": "31D3864F-CD5A-4C90-BEC7-49A1D2250349", "versionEndIncluding": "0.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtirpc_project:libtirpc:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1FF7336-78CD-4C57-8149-8C31AF870ACB", "versionEndIncluding": "1.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ntirpc_project:ntirpc:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DD4200B-DA67-4F7D-AA8C-32D7724AD3FD", "versionEndIncluding": "1.4.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb."}, {"lang": "es", "value": "Rpcbind versi\u00f3n 0.2.4, LIBTIRPC versi\u00f3n 1.0.1 y versiones 1.0.2-rc a 1.0.2-rc3, y NTIRPC versi\u00f3n 1.4.3, no consideran el tama\u00f1o m\u00e1ximo de datos RPC durante la asignaci\u00f3n de memoria para cadenas XDR, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria sin liberaci\u00f3n) a trav\u00e9s de un paquete UDP manipulado enviado al puerto 111, tambi\u00e9n conocido como rpcbomb."}], "id": "CVE-2017-8779", "lastModified": "2024-11-21T03:34:40.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-04T14:29:00.230", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/05/03/12"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/05/04/1"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3845"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98325"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1038532"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHBA-2017:1497"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1262"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1263"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1267"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1268"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1395"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/drbothen/GO-RPCBOMB"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/guidovranken/rpcbomb/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201706-07"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20180109-0001/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3759-1/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3759-2/"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/41974/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/05/03/12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/05/04/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2017/dsa-3845"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98325"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1038532"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHBA-2017:1497"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1262"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1263"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1267"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1395"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/drbothen/GO-RPCBOMB"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/guidovranken/rpcbomb/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201706-07"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20180109-0001/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3759-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3759-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/41974/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "calamari-server-0:1.5.6-2.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "ceph-1:10.2.7-27.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "ceph-iscsi-cli-0:2.0-5.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "ceph-iscsi-config-0:2.0-4.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "ceph-iscsi-tools-0:2.0-3.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "libntirpc-0:1.4.3-2.el7", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "nfs-ganesha-0:2.4.5-7.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "pcp-pmda-lio-0:1.0-2.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "python-crypto-0:2.6.1-1.2.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "python-flask-1:0.10.1-5.el7", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "python-itsdangerous-0:0.23-1.el7", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "python-jinja2-0:2.7.2-2.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "python-rtslib-0:2.1.fb64-0.1.20170301.git3637171.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "python-werkzeug-0:0.9.1-1.el7", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "targetcli-0:2.1.fb47-0.1.20170301.gitf632f38.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "tcmu-runner-0:1.2.1-0.2.20170104.git3d33566.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHBA-2017:1497", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "userspace-rcu-0:0.7.16-1.el7cp", "product_name": "Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7", "release_date": "2017-06-19T00:00:00Z"}, {"advisory": "RHSA-2017:1267", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "rpcbind-0:0.2.0-13.el6_9", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-05-23T00:00:00Z"}, {"advisory": "RHSA-2017:1268", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "libtirpc-0:0.2.1-13.el6_9", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-05-23T00:00:00Z"}, {"advisory": "RHSA-2017:1262", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "rpcbind-0:0.2.0-38.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-05-22T00:00:00Z"}, {"advisory": "RHSA-2017:1263", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "libtirpc-0:0.2.4-0.8.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-05-22T00:00:00Z"}, {"advisory": "RHSA-2017:1395", "cpe": "cpe:/a:redhat:storage:3.2:nfs:el6", "package": "libntirpc-0:1.4.3-4.el6rhs", "product_name": "Red Hat Gluster Storage 3.2 for RHEL 6", "release_date": "2017-06-06T00:00:00Z"}, {"advisory": "RHSA-2017:1395", "cpe": "cpe:/a:redhat:storage:3.2:nfs:el7", "package": "libntirpc-0:1.4.3-4.el7rhgs", "product_name": "Red Hat Gluster Storage 3.2 for RHEL 7", "release_date": "2017-06-06T00:00:00Z"}], "bugzilla": {"description": "libntirpc: Memory leak when failing to parse XDR strings or bytearrays", "id": "1448124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448124"}, "csaw": true, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.", "It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer."], "mitigation": {"lang": "en:us", "value": "rpcbind should be protected by iptables so that only trusted hosts that require access can reach it (eg, nfs clients). Applying per-IP rate limits in iptables will also significantly limit the impact of this attack. The default iptables rules in the system-config-firewall or firewalld package deny all remote access to rpcbind.\nIf you elect to run your system with overcommit turned off, daemons should have memory limits enforced by the init system to ensure stability. With systemd, use directives such as LimitAS in unit files. With upstart, place ulimit commands in /etc/sysconfig/$daemon."}, "name": "CVE-2017-8779", "public_date": "2017-05-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-8779\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-8779\nhttps://access.redhat.com/solutions/3025811/"], "statement": "In the default system configuration, with the sysctl variable vm.overcommit_memory set to either 0 (the default) or 1, an attack would take a not-insignificant amount of time to exhaust the system's memory. If vm.overcommit_memory is set to a value of 2, the time required to exhaust system memory is sufficiently reduced. It was further noticed that, a 32-bit system would have its memory exhausted faster than a 64-bit system.", "threat_severity": "Important"}