High severity7.5NVD Advisory· Published Aug 30, 2018· Updated Jun 17, 2026
CVE-2018-14622
CVE-2018-14622
Description
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <0.3.3-rc3
- osv-coords3 versionspkg:rpm/suse/libtirpc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/libtirpc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/libtirpc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
< 0.2.1-1.13.6.1+ 2 more
- (no CPE)range: < 0.2.1-1.13.6.1
- (no CPE)range: < 0.2.1-1.13.6.1
- (no CPE)range: < 0.2.1-1.13.6.1
Patches
Vulnerability mechanics
References
7- access.redhat.com/errata/RHBA-2017:1991nvdThird Party Advisory
- bugzilla.novell.com/show_bug.cginvdIssue TrackingThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/08/msg00034.htmlnvdMailing ListThird Party Advisory
- usn.ubuntu.com/3759-1/nvdThird Party Advisory
- usn.ubuntu.com/3759-2/nvdThird Party Advisory
- git.linux-nfs.orgnvd
News mentions
0No linked articles in our index yet.