5

CVE-2011-0431

The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors.  NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenafsOpenafs Version1.4.7
OpenafsOpenafs Version1.4.12
OpenafsOpenafs Version1.4.14
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2% 0.782
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/43371
Vendor Advisory
http://secunia.com/advisories/43407
Vendor Advisory
http://www.debian.org/security/2011/dsa-2168
http://www.securityfocus.com/bid/46428
http://www.securitytracker.com/id?1025095
http://www.vupen.com/english/advisories/2011/0410
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0411
Vendor Advisory