Описание
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.6.17-1 |
| cosmic | not-affected | 1.6.17-1 |
| devel | not-affected | 1.6.17-1 |
| disco | not-affected | 1.6.17-1 |
| eoan | not-affected | 1.6.17-1 |
| esm-apps/bionic | not-affected | 1.6.17-1 |
| esm-apps/focal | not-affected | 1.6.17-1 |
| esm-apps/jammy | not-affected | 1.6.17-1 |
| esm-apps/noble | not-affected | 1.6.17-1 |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
The client in OpenAFS before 1.6.17 does not properly initialize the ( ...
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3