CVE-2009-1250

EUVD-2009-1249
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.
Provider  Type     Base Score   Atk. Vector  Atk. Complexity  Priv. Required  Vector
NIST      Primary  7.8 UNKNOWN  NETWORK      LOW              (none shown)    AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.x Base Score: (none shown)
EPSS Score: Percentile 90%
Affected Products (NVD)

Vendor   Product  Version      Update
ibm      afs      x ≤ 3.6
ibm      afs      3.6
ibm      afs      3.6          patch12
ibm      afs      3.6          patch13
ibm      afs      3.6          patch14
ibm      afs      3.6          patch15
ibm      afs      3.6          patch16
openafs  openafs  1.0
openafs  openafs  1.0.1
openafs  openafs  1.0.2
openafs  openafs  1.0.3
openafs  openafs  1.0.4
openafs  openafs  1.0.4a       a
openafs  openafs  1.1
openafs  openafs  1.1.0
openafs  openafs  1.1.1
openafs  openafs  1.1.1a       a
openafs  openafs  1.2
openafs  openafs  1.2.1
openafs  openafs  1.2.2
openafs  openafs  1.2.2a       a
openafs  openafs  1.2.2b       b
openafs  openafs  1.2.3
openafs  openafs  1.2.4
openafs  openafs  1.2.5
openafs  openafs  1.2.6
openafs  openafs  1.2.7
openafs  openafs  1.2.8
openafs  openafs  1.2.9
openafs  openafs  1.2.10
openafs  openafs  1.2.11
openafs  openafs  1.2.13
openafs  openafs  1.3
openafs  openafs  1.3.1
openafs  openafs  1.3.2
openafs  openafs  1.3.5
openafs  openafs  1.3.70
openafs  openafs  1.3.74
openafs  openafs  1.3.77
openafs  openafs  1.3.81
openafs  openafs  1.4
openafs  openafs  1.4.0
openafs  openafs  1.4.3
openafs  openafs  1.4.4
openafs  openafs  1.4.5
openafs  openafs  1.4.6
openafs  openafs  1.4.7
openafs  openafs  1.4.7_pre1   _pre1
openafs  openafs  1.4.7_pre2   _pre2
openafs  openafs  1.4.7_pre3   _pre3
openafs  openafs  1.4.7_pre4   _pre4
openafs  openafs  1.4.7_pre5   _pre5
openafs  openafs  1.4.8
openafs  openafs  1.4.8_pre1   _pre1
openafs  openafs  1.4.8_pre2   _pre2
openafs  openafs  1.4.8_pre3   _pre3
openafs  openafs  1.5
openafs  openafs  1.5.16
openafs  openafs  1.5.17
openafs  openafs  1.5.26
openafs  openafs  1.5.27
openafs  openafs  1.5.30
openafs  openafs  1.5.31
openafs  openafs  1.5.32
openafs  openafs  1.5.33
openafs  openafs  1.5.34
openafs  openafs  1.5.35
openafs  openafs  1.5.36
openafs  openafs  1.5.38
openafs  openafs  1.5.39
openafs  openafs  1.5.50
openafs  openafs  1.5.52
openafs  openafs  1.5.53
openafs  openafs  1.5.54
openafs  openafs  1.5.55
openafs  openafs  1.5.56
openafs  openafs  1.5.57
openafs  openafs  1.5.58

x = Vulnerable software versions
Debian Releases

Product  Codename   Version     Status
openafs  bookworm   1.8.9-1     fixed
openafs  bullseye   1.8.6-5     fixed
openafs  sid        1.8.12.1-1  fixed
Ubuntu Releases

Product  Codename  Fix                              Status
openafs  dapper    Fixed 1.4.1-2+ubuntu0.1          released
openafs  gutsy                                      ignored
openafs  hardy     Fixed 1.4.6.dfsg1-2+ubuntu0.1    released
openafs  intrepid  Fixed 1.4.7.dfsg1-6+ubuntu0.1    released
Common Weakness Enumeration