{ "schema_version": "1.4.0", "id": "GHSA-cpqp-v482-xxhg", "modified": "2022-05-02T03:23:06Z", "published": "2022-05-02T03:23:06Z", "aliases": [ "CVE-2009-1250" ], "details": "The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1250" }, { "type": "WEB", "url": "http://secunia.com/advisories/34655" }, { "type": "WEB", "url": "http://secunia.com/advisories/34684" }, { "type": "WEB", "url": "http://secunia.com/advisories/36310" }, { "type": "WEB", "url": "http://secunia.com/advisories/42896" }, { "type": "WEB", "url": "http://security.gentoo.org/glsa/glsa-201101-05.xml" }, { "type": "WEB", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396389" }, { "type": "WEB", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1ID71123" }, { "type": "WEB", "url": "http://www.debian.org/security/2009/dsa-1768" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:099" }, { "type": "WEB", "url": "http://www.openafs.org/security/OPENAFS-SA-2009-002.txt" }, { "type": "WEB", "url": "http://www.openafs.org/security/openafs-sa-2009-002.patch" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/34404" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2009/0984" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2011/0117" } ], "database_specific": { "cwe_ids": [], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2009-04-09T00:30:00Z" } }