Candidate: CVE-2009-1250
PublicDate: 2009-04-09 00:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1250
 http://www.openafs.org/security/OPENAFS-SA-2009-002.txt
Description:
 The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0
 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote
 attackers to cause a denial of service (system crash) via an RX response
 with a large error-code value that is interpreted as a pointer and
 dereferenced, related to use of the ERR_PTR macro.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_openafs:
 upstream: http://www.openafs.org/security/openafs-sa-2009-002.patch
upstream_openafs: needs-triage
dapper_openafs: released (1.4.1-2+ubuntu0.1)
gutsy_openafs: needs-triage (reached end-of-life)
hardy_openafs: released (1.4.6.dfsg1-2+ubuntu0.1)
intrepid_openafs: released (1.4.7.dfsg1-6+ubuntu0.1)
devel_openafs: not-affected (1.4.9.dfsg1-0+ubuntu2)