Your submission was sent successfully! Close

CVE-2014-4044

Published: 17 June 2014

OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

Priority

Medium

Status

Package Release Status
openafs
Launchpad, Ubuntu, Debian
Upstream
Released (1.6.9-1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
Patches:
Upstream: http://gerrit.openafs.org/#change,11283