An infinite loop vulnerability was found in libtirpc. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large amount of CPU time and denying service to other clients until restarted.
A flaw was found in libtirpc before version 1.0.2-rc2. With the port to poll, and endless loop can be created when running out of file descriptors.
This was introduced with the port to using poll() instead of select() around 0.3.3. Prior versions use a different strategy when EMFILE/ENFILE is hit: the "most idle" connection is dropped before retrying.