DSA-1768-1

Details

Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-1250 CVE-2009-1251

Two vulnerabilities were discovered in the client part of OpenAFS, a distributed file system.

An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array decoding. (CVE-2009-1251)

An attacker with control of a file server or the ability to forge RX packets may crash OpenAFS clients because of wrongly handled error return codes in the kernel module. (CVE-2009-1250).

Note that in order to apply this security update, you must rebuild the OpenAFS kernel module. Be sure to also upgrade openafs-modules-source, build a new kernel module for your system following the instructions in /usr/share/doc/openafs-client/README.modules.gz, and then either stop and restart openafs-client or reboot the system to reload the kernel module.

Affected Packages

openafs

Debian 4

Fixed in:

1.4.2-6etch2

openafs

Debian 5

Fixed in:

1.4.7.dfsg1-6+lenny1

References

ADVISORYhttps://security-tracker.debian.org/tracker/DSA-1768-1

DSA-1768-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline