| Errata ID | 21 |
|---|---|
| Date | 2015-12-09 |
| Source package | rpcbind |
| Fixed in version | 0.2.0-8.8.201511231144 |
| Description | This update addresses the following issue: * A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service (rpcbind crash) (CVE-2015-7236) |
| Additional notes | |
| CVE ID | CVE-2015-7236 |
| UCS Bug number | #40023 |
