Total vulnerabilities in the database
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.
| Software | From | Fixed in |
|---|---|---|
| ibm / afs | - | 3.6.x |
| ibm / afs | 3.6-patch13 | 3.6-patch13.x |
| ibm / afs | 3.6-patch16 | 3.6-patch16.x |
| ibm / afs | 3.6-patch14 | 3.6-patch14.x |
| ibm / afs | 3.6-patch12 | 3.6-patch12.x |
| ibm / afs | 3.6-patch15 | 3.6-patch15.x |
| ibm / afs | 3.6 | 3.6.x |
| openafs / openafs | 1.0 | 1.0.x |
| openafs / openafs | 1.0.1 | 1.0.1.x |
| openafs / openafs | 1.0.2 | 1.0.2.x |
| openafs / openafs | 1.0.3 | 1.0.3.x |
| openafs / openafs | 1.0.4 | 1.0.4.x |
| openafs / openafs | 1.0.4a | 1.0.4a.x |
| openafs / openafs | 1.1 | 1.1.x |
| openafs / openafs | 1.1.0 | 1.1.0.x |
| openafs / openafs | 1.1.1 | 1.1.1.x |
| openafs / openafs | 1.1.1a | 1.1.1a.x |
| openafs / openafs | 1.2 | 1.2.x |
| openafs / openafs | 1.2.1 | 1.2.1.x |
| openafs / openafs | 1.2.2 | 1.2.2.x |
| openafs / openafs | 1.2.2a | 1.2.2a.x |
| openafs / openafs | 1.2.2b | 1.2.2b.x |
| openafs / openafs | 1.2.3 | 1.2.3.x |
| openafs / openafs | 1.2.4 | 1.2.4.x |
| openafs / openafs | 1.2.5 | 1.2.5.x |
| openafs / openafs | 1.2.6 | 1.2.6.x |
| openafs / openafs | 1.2.7 | 1.2.7.x |
| openafs / openafs | 1.2.8 | 1.2.8.x |
| openafs / openafs | 1.2.9 | 1.2.9.x |
| openafs / openafs | 1.2.10 | 1.2.10.x |
| openafs / openafs | 1.2.11 | 1.2.11.x |
| openafs / openafs | 1.2.13 | 1.2.13.x |
| openafs / openafs | 1.3 | 1.3.x |
| openafs / openafs | 1.3.1 | 1.3.1.x |
| openafs / openafs | 1.3.2 | 1.3.2.x |
| openafs / openafs | 1.3.5 | 1.3.5.x |
| openafs / openafs | 1.3.70 | 1.3.70.x |
| openafs / openafs | 1.3.74 | 1.3.74.x |
| openafs / openafs | 1.3.77 | 1.3.77.x |
| openafs / openafs | 1.3.81 | 1.3.81.x |
| openafs / openafs | 1.4 | 1.4.x |
| openafs / openafs | 1.4.0 | 1.4.0.x |
| openafs / openafs | 1.4.3 | 1.4.3.x |
| openafs / openafs | 1.4.4 | 1.4.4.x |
| openafs / openafs | 1.4.5 | 1.4.5.x |
| openafs / openafs | 1.4.6 | 1.4.6.x |
| openafs / openafs | 1.4.7 | 1.4.7.x |
| openafs / openafs | 1.4.7_pre1 | 1.4.7_pre1.x |
| openafs / openafs | 1.4.7_pre2 | 1.4.7_pre2.x |
| openafs / openafs | 1.4.7_pre3 | 1.4.7_pre3.x |
| openafs / openafs | 1.4.7_pre4 | 1.4.7_pre4.x |
| openafs / openafs | 1.4.7_pre5 | 1.4.7_pre5.x |
| openafs / openafs | 1.4.8 | 1.4.8.x |
| openafs / openafs | 1.4.8_pre1 | 1.4.8_pre1.x |
| openafs / openafs | 1.4.8_pre2 | 1.4.8_pre2.x |
| openafs / openafs | 1.4.8_pre3 | 1.4.8_pre3.x |
| openafs / openafs | 1.5 | 1.5.x |
| openafs / openafs | 1.5.16 | 1.5.16.x |
| openafs / openafs | 1.5.17 | 1.5.17.x |
| openafs / openafs | 1.5.26 | 1.5.26.x |
| openafs / openafs | 1.5.27 | 1.5.27.x |
| openafs / openafs | 1.5.30 | 1.5.30.x |
| openafs / openafs | 1.5.31 | 1.5.31.x |
| openafs / openafs | 1.5.32 | 1.5.32.x |
| openafs / openafs | 1.5.33 | 1.5.33.x |
| openafs / openafs | 1.5.34 | 1.5.34.x |
| openafs / openafs | 1.5.35 | 1.5.35.x |
| openafs / openafs | 1.5.36 | 1.5.36.x |
| openafs / openafs | 1.5.38 | 1.5.38.x |
| openafs / openafs | 1.5.39 | 1.5.39.x |
| openafs / openafs | 1.5.50 | 1.5.50.x |
| openafs / openafs | 1.5.52 | 1.5.52.x |
| openafs / openafs | 1.5.53 | 1.5.53.x |
| openafs / openafs | 1.5.54 | 1.5.54.x |
| openafs / openafs | 1.5.55 | 1.5.55.x |
| openafs / openafs | 1.5.56 | 1.5.56.x |
| openafs / openafs | 1.5.57 | 1.5.57.x |
| openafs / openafs | 1.5.58 | 1.5.58.x |