Launchpad.net

CVE 2009-1250

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.

Related bugs and status

CVE-2009-1250 (Candidate) is related to these bugs:

Bug #356861: OpenAFS Security Advisories 2009-001 and 2009-002

		In	Importance	Status
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Dapper)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Hardy)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Jaunty)	Undecided	Fix Released
356861	OpenAFS Security Advisories 2009-001 and 2009-002	openafs (Ubuntu Intrepid)	Undecided	Fix Released

Bug #364426: Openafs hard codes version number in debian/rules

Summary				In	Importance	Status
	364426	Openafs hard codes version number in debian/rules		openafs (Ubuntu)	Undecided	Fix Released

Bug #370458: Merge openafs 1.4.10+dfsg1-1 from Deban

Summary				In	Importance	Status
	370458	Merge openafs 1.4.10+dfsg1-1 from Deban		openafs (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.openafs.org...
CONFIRM: http://www.openafs.org...
BID: 34404
DEBIAN: DSA-1768
SECUNIA: 34655
SECUNIA: 34684
VUPEN: ADV-2009-0984
MANDRIVA: MDVSA-2009:099
CONFIRM: http://www-01.ibm.com/...
AIXAPAR: ID71123
SECUNIA: 36310
SECUNIA: 42896
VUPEN: ADV-2011-0117
GENTOO: GLSA-201101-05