Launchpad.net

CVE 2007-6599

Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.

Related bugs and status

CVE-2007-6599 (Candidate) is related to these bugs:

Bug #180792: SA 2007-003: Denial of service in OpenAFS fileserver

Summary				In	Importance	Status
	180792	SA 2007-003: Denial of service in OpenAFS fileserver		openafs (Ubuntu)	Undecided	Fix Released

Bug #182016: [openafs] [CVE-2007-6599] DoS vulnerability

Summary				In	Importance	Status
	182016	[openafs] [CVE-2007-6599] DoS vulnerability		openafs (Ubuntu)	Undecided	New

Bug #356861: OpenAFS Security Advisories 2009-001 and 2009-002

		In	Importance	Status
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Dapper)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Hardy)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Jaunty)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Intrepid)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [OpenAFS-announce] 200...
CONFIRM: http://www.openafs.org...
BID: 27132
SECUNIA: 28327
GENTOO: GLSA-200801-04
DEBIAN: DSA-1458
SECUNIA: 28401
SECUNIA: 28433
SUSE: SUSE-SR:2008:002
SECUNIA: 28636
MANDRIVA: MDVSA-2008:207
VUPEN: ADV-2008-0046