Control: retitle -1 openafs: CVE-2017-17432: OPENAFS-SA-2017-001: Rx assertion failure from insufficient input validation
Hi Ben, On Tue, Dec 05, 2017 at 10:01:14AM -0600, Benjamin Kaduk wrote: > Source: openafs > Version: 1.6.1-3+deb7u7 > Tags: security upstream fixed-upstream pending > Severity: important > > Upstream OpenAFS released security advisory OPENAFS-SA-2017-001 > today; insufficient validation of data contained in Rx ack packets > leads to the use of an invalid MTU value, ultimately leading to an > assertion failure and application crash or kernel BUG. This issue has been assigned CVE-2017-17432. Can you foward this information to upstream? Regards, Salvatore