LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openafs: multiple vulnerabilities

Package(s):openafs CVE #(s):CVE-2009-1250 CVE-2009-1251
Created:April 13, 2009 Updated:January 17, 2011
Description:

From the Debian advisory:

An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array decoding. (CVE-2009-1251)

An attacker with control of a file server or the ability to forge RX packets may crash OpenAFS clients because of wrongly handled error return codes in the kernel module. (CVE-2009-1250).

Alerts:
Gentoo 201101-05 2011-01-16
Mandriva MDVSA-2009:099-1 2009-12-08
Mandriva MDVSA-2009:099 2009-04-27
Debian DSA-1768-1 2009-04-10
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds