Race condition in fileserver in OpenAFS 1.3.50 up to and including 1.4.5 and 1.5.0 up to and including 1.5.27 allows remote malicious users to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openafs openafs |
||
debian debian linux 3.1 |
||
debian debian linux 4.0 |