The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Afs | Ibm | * | 3.6 (including) |
Afs | Ibm | 3.6 (including) | 3.6 (including) |
Afs | Ibm | 3.6-patch12 (including) | 3.6-patch12 (including) |
Afs | Ibm | 3.6-patch13 (including) | 3.6-patch13 (including) |
Afs | Ibm | 3.6-patch14 (including) | 3.6-patch14 (including) |
Afs | Ibm | 3.6-patch15 (including) | 3.6-patch15 (including) |
Afs | Ibm | 3.6-patch16 (including) | 3.6-patch16 (including) |
Openafs | Openafs | 1.0 (including) | 1.0 (including) |
Openafs | Openafs | 1.0.1 (including) | 1.0.1 (including) |
Openafs | Openafs | 1.0.2 (including) | 1.0.2 (including) |
Openafs | Openafs | 1.0.3 (including) | 1.0.3 (including) |
Openafs | Openafs | 1.0.4 (including) | 1.0.4 (including) |
Openafs | Openafs | 1.0.4a (including) | 1.0.4a (including) |
Openafs | Openafs | 1.1 (including) | 1.1 (including) |
Openafs | Openafs | 1.1.0 (including) | 1.1.0 (including) |
Openafs | Openafs | 1.1.1 (including) | 1.1.1 (including) |
Openafs | Openafs | 1.1.1a (including) | 1.1.1a (including) |
Openafs | Openafs | 1.2 (including) | 1.2 (including) |
Openafs | Openafs | 1.2.1 (including) | 1.2.1 (including) |
Openafs | Openafs | 1.2.2 (including) | 1.2.2 (including) |
Openafs | Openafs | 1.2.2a (including) | 1.2.2a (including) |
Openafs | Openafs | 1.2.2b (including) | 1.2.2b (including) |
Openafs | Openafs | 1.2.3 (including) | 1.2.3 (including) |
Openafs | Openafs | 1.2.4 (including) | 1.2.4 (including) |
Openafs | Openafs | 1.2.5 (including) | 1.2.5 (including) |
Openafs | Openafs | 1.2.6 (including) | 1.2.6 (including) |
Openafs | Openafs | 1.2.7 (including) | 1.2.7 (including) |
Openafs | Openafs | 1.2.8 (including) | 1.2.8 (including) |
Openafs | Openafs | 1.2.9 (including) | 1.2.9 (including) |
Openafs | Openafs | 1.2.10 (including) | 1.2.10 (including) |
Openafs | Openafs | 1.2.11 (including) | 1.2.11 (including) |
Openafs | Openafs | 1.2.13 (including) | 1.2.13 (including) |
Openafs | Openafs | 1.3 (including) | 1.3 (including) |
Openafs | Openafs | 1.3.1 (including) | 1.3.1 (including) |
Openafs | Openafs | 1.3.2 (including) | 1.3.2 (including) |
Openafs | Openafs | 1.3.5 (including) | 1.3.5 (including) |
Openafs | Openafs | 1.3.70 (including) | 1.3.70 (including) |
Openafs | Openafs | 1.3.74 (including) | 1.3.74 (including) |
Openafs | Openafs | 1.3.77 (including) | 1.3.77 (including) |
Openafs | Openafs | 1.3.81 (including) | 1.3.81 (including) |
Openafs | Openafs | 1.4 (including) | 1.4 (including) |
Openafs | Openafs | 1.4.0 (including) | 1.4.0 (including) |
Openafs | Openafs | 1.4.3 (including) | 1.4.3 (including) |
Openafs | Openafs | 1.4.4 (including) | 1.4.4 (including) |
Openafs | Openafs | 1.4.5 (including) | 1.4.5 (including) |
Openafs | Openafs | 1.4.6 (including) | 1.4.6 (including) |
Openafs | Openafs | 1.4.7 (including) | 1.4.7 (including) |
Openafs | Openafs | 1.4.7_pre1 (including) | 1.4.7_pre1 (including) |
Openafs | Openafs | 1.4.7_pre2 (including) | 1.4.7_pre2 (including) |
Openafs | Openafs | 1.4.7_pre3 (including) | 1.4.7_pre3 (including) |
Openafs | Openafs | 1.4.7_pre4 (including) | 1.4.7_pre4 (including) |
Openafs | Openafs | 1.4.7_pre5 (including) | 1.4.7_pre5 (including) |
Openafs | Openafs | 1.4.8 (including) | 1.4.8 (including) |
Openafs | Openafs | 1.4.8_pre1 (including) | 1.4.8_pre1 (including) |
Openafs | Openafs | 1.4.8_pre2 (including) | 1.4.8_pre2 (including) |
Openafs | Openafs | 1.4.8_pre3 (including) | 1.4.8_pre3 (including) |
Openafs | Openafs | 1.5 (including) | 1.5 (including) |
Openafs | Openafs | 1.5.16 (including) | 1.5.16 (including) |
Openafs | Openafs | 1.5.17 (including) | 1.5.17 (including) |
Openafs | Openafs | 1.5.26 (including) | 1.5.26 (including) |
Openafs | Openafs | 1.5.27 (including) | 1.5.27 (including) |
Openafs | Openafs | 1.5.30 (including) | 1.5.30 (including) |
Openafs | Openafs | 1.5.31 (including) | 1.5.31 (including) |
Openafs | Openafs | 1.5.32 (including) | 1.5.32 (including) |
Openafs | Openafs | 1.5.33 (including) | 1.5.33 (including) |
Openafs | Openafs | 1.5.34 (including) | 1.5.34 (including) |
Openafs | Openafs | 1.5.35 (including) | 1.5.35 (including) |
Openafs | Openafs | 1.5.36 (including) | 1.5.36 (including) |
Openafs | Openafs | 1.5.38 (including) | 1.5.38 (including) |
Openafs | Openafs | 1.5.39 (including) | 1.5.39 (including) |
Openafs | Openafs | 1.5.50 (including) | 1.5.50 (including) |
Openafs | Openafs | 1.5.52 (including) | 1.5.52 (including) |
Openafs | Openafs | 1.5.53 (including) | 1.5.53 (including) |
Openafs | Openafs | 1.5.54 (including) | 1.5.54 (including) |
Openafs | Openafs | 1.5.55 (including) | 1.5.55 (including) |
Openafs | Openafs | 1.5.56 (including) | 1.5.56 (including) |
Openafs | Openafs | 1.5.57 (including) | 1.5.57 (including) |
Openafs | Openafs | 1.5.58 (including) | 1.5.58 (including) |
Openafs | Ubuntu | dapper | * |
Openafs | Ubuntu | gutsy | * |
Openafs | Ubuntu | hardy | * |
Openafs | Ubuntu | intrepid | * |