In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
https://www.debian.org/security/2022/dsa-5200
https://security.netapp.com/advisory/ntap-20221007-0004/
https://security.gentoo.org/glsa/202210-33
https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html