blob: 9320122f7570062805cb22675191f1977d5c6f77 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="201101-05">
<title>OpenAFS: Arbitrary code execution</title>
The cache manager of OpenAFS contains several bugs resulting in remote
execution of arbitrary code.
<product type="ebuild">OpenAFS</product>
<announced>January 16, 2011</announced>
<revised>January 16, 2011: 01</revised>
<package name="net-fs/openafs" auto="yes" arch="*">
<unaffected range="ge">1.4.9</unaffected>
<vulnerable range="lt">1.4.9</vulnerable>
OpenAFS is a distributed file system.
Two vulnerabilities were discovered:
Simon Wilkinson discovered from a bug report by Toby Blake that the
cache manager of OpenAFS contains a heap-based buffer overflow which is
related to the use of the ERR_PTR macro (CVE-2009-1250).</li>
pointer dereference bug when using XDR arrays was discovered by Simon
Wilkinson, with assistance from Derrick Brashear and Jeffrey Altman.
<impact type="normal">
The vulnerabilities might allow remote unauthenticated attackers to
cause a Denial of Service (system crash) and possibly execute arbitrary
There is no known workaround at this time.
All OpenAFS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=net-fs/openafs-1.4.9&quot;</code>
<uri link="">CVE-2009-1250</uri>
<uri link="">CVE-2009-1251</uri>
<metadata tag="submitter" timestamp="Tue, 01 Jun 2010 20:56:43 +0000">
<metadata tag="bugReady" timestamp="Tue, 21 Sep 2010 20:07:41 +0000">