CVE-2007-6599
published 2008-01-04CVE-2007-6599: Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | openafs | < openafs 1.4.6.dfsg1-1 (bookworm) | openafs 1.4.6.dfsg1-1 (bookworm) |
| openafs | openafs | >= 0 < 1.4.6.dfsg1-1 | 1.4.6.dfsg1-1 |
| openafs | openafs | >= 0 < 1.4.6.dfsg1-1 | 1.4.6.dfsg1-1 |
| openafs | openafs | >= 0 < 1.4.6.dfsg1-1 | 1.4.6.dfsg1-1 |
| openafs | openafs | 1.3.50 – 1.4.5 | — |
| openafs | openafs | 1.5.0 – 1.5.27 | — |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM