CVE-2021-46828: 
NixOS vulnerability analysis and mitigation

CVE-2021-46828 affects libtirpc versions before 1.3.3rc1. The vulnerability was discovered in July 2022 and affects the transport-independent RPC library's handling of TCP connections. The vulnerability impacts systems using libtirpc for remote procedure calls, including various Linux distributions and network-dependent applications (NVD).

The vulnerability stems from improper handling of idle TCP connections in libtirpc. When the number of connections reaches the limit of open file descriptors (ulimit -n), accept(2) fails with EMFILE error. Due to lack of proper error handling, this causes svc_run() to enter a tight loop calling accept(2), preventing the RPC service from servicing any new requests. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (Gentoo Security).

The vulnerability can lead to a denial of service (DoS) condition. Remote attackers can exploit this flaw by establishing enough connections to libtirpc to exhaust the file descriptors of a process, causing the service to enter an infinite loop and become unresponsive to new connections (Debian Security).

The vulnerability has been fixed in libtirpc version 1.3.3rc1 and later. Users are recommended to upgrade to the patched versions. Various Linux distributions have released security updates: Debian has fixed it in version 1.3.1-1+deb11u1 for bullseye, Red Hat has addressed it in version 1.3.3-0.el9, and Gentoo recommends upgrading to version 1.3.2 or later (Debian Security, Red Hat Security).