Bug#883602: OPENAFS-SA-2017-001: Rx assertion failure from insufficient input validation

Salvatore Bonaccorso Tue, 05 Dec 2017 21:42:25 -0800

Control: retitle -1 openafs: CVE-2017-17432: OPENAFS-SA-2017-001: Rx assertion 
failure from insufficient input validation


Hi Ben,

On Tue, Dec 05, 2017 at 10:01:14AM -0600, Benjamin Kaduk wrote:
> Source: openafs
> Version: 1.6.1-3+deb7u7
> Tags: security upstream fixed-upstream pending
> Severity: important
> 
> Upstream OpenAFS released security advisory OPENAFS-SA-2017-001
> today; insufficient validation of data contained in Rx ack packets
> leads to the use of an invalid MTU value, ultimately leading to an
> assertion failure and application crash or kernel BUG.

This issue has been assigned CVE-2017-17432. Can you foward this
information to upstream?

Regards,
Salvatore

Bug#883602: OPENAFS-SA-2017-001: Rx assertion failure from insufficient input validation

Reply via email to