Wind River Support Network

HomeDefectsLIN6-4543

Fixed

LIN6-4543 : Security Advisory - libtirpc - CVE-2013-1950

Created: Jul 15, 2013 Updated: Dec 3, 2018

Resolved Date: Jan 6, 2014

Previous ID: LIN4-15356

Found In Version: 6.0

Fix Version: 6.0.0.2

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1950

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38