Michael Armstrong

**Name of the Vulnerable Software and Affected Versions** libtirpc versions 0.2.1 through 0.2.3 libtirpc-devel versions 0.2.1 libtirpc-debuginfo versions 0.2.1 **Description** The issue allows remote attackers to cause a denial of service, potentially leading to disruption of protected information. This can be exploited remotely. The `svc dg getargs` function in libtirpc is vulnerable to a denial of service attack via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer. **Recommendations** For libtirpc versions 0.2.1 through 0.2.3, consider updating to a version later than 0.2.3 to resolve the issue. For libtirpc-devel versions 0.2.1, update to a version later than 0.2.1. For libtirpc-debuginfo versions 0.2.1, update to a version later than 0.2.1. As a temporary workaround, consider restricting access to the `svc dg getargs` function until a patch is available.