rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libafsauthent1" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libafsauthent1-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libafsrpc1" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libafsrpc1-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libkopenafs1" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libkopenafs1-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libopenafs-dev" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libopenafs-dev-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libpam-openafs-kaserver" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "libpam-openafs-kaserver-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-client" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-client-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-dbg" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-dbserver" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-dbserver-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-doc" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-fileserver" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-fileserver-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-fuse" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-fuse-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-kpasswd" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-kpasswd-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-krb5" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-krb5-dbgsym" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-modules-dkms" }, { "binary_version": "1.6.7-1ubuntu1.1", "binary_name": "openafs-modules-source" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.6.15-1", "binary_name": "libafsauthent1" }, { "binary_version": "1.6.15-1", "binary_name": "libafsauthent1-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "libafsrpc1" }, { "binary_version": "1.6.15-1", "binary_name": "libafsrpc1-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "libkopenafs1" }, { "binary_version": "1.6.15-1", "binary_name": "libkopenafs1-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "libopenafs-dev" }, { "binary_version": "1.6.15-1", "binary_name": "libopenafs-dev-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "libpam-openafs-kaserver" }, { "binary_version": "1.6.15-1", "binary_name": "libpam-openafs-kaserver-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-client" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-client-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-dbg" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-dbserver" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-dbserver-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-doc" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-fileserver" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-fileserver-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-fuse" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-fuse-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-kpasswd" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-kpasswd-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-krb5" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-krb5-dbgsym" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-modules-dkms" }, { "binary_version": "1.6.15-1", "binary_name": "openafs-modules-source" } ] }