Описание
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-6599
- http://lists.openafs.org/pipermail/openafs-announce/2007/000220.html
- http://secunia.com/advisories/28327
- http://secunia.com/advisories/28401
- http://secunia.com/advisories/28433
- http://secunia.com/advisories/28636
- http://security.gentoo.org/glsa/glsa-200801-04.xml
- http://www.debian.org/security/2008/dsa-1458
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:207
- http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
- http://www.openafs.org/security/OPENAFS-SA-2007-003.txt
- http://www.securityfocus.com/bid/27132
- http://www.vupen.com/english/advisories/2008/0046
Связанные уязвимости
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 ...
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации