CVE-2011-0431 - OpenCVE

The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Openafs	Openafs

Configuration 1 [-]

OR	cpe:2.3:a:openafs:openafs:1.4.7:::::::*
	cpe:2.3:a:openafs:openafs:1.4.12:::::::*
	cpe:2.3:a:openafs:openafs:1.4.14:::::::*

References

Link	Resource
http://secunia.com/advisories/43371	Vendor Advisory
http://secunia.com/advisories/43407	Vendor Advisory
http://www.debian.org/security/2011/dsa-2168
http://www.securityfocus.com/bid/46428
http://www.securitytracker.com/id?1025095
http://www.vupen.com/english/advisories/2011/0410	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0411	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2011-02-18T23:00:00

Updated: 2011-03-11T10:00:00

Reserved: 2011-01-12T00:00:00

Link: CVE-2011-0431

JSON object: View

NVD Information

Status : Modified

Published: 2011-02-19T01:00:03.167

Modified: 2011-03-11T03:50:41.113

Link: CVE-2011-0431

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-16T00:00:00", "descriptions": [{"lang": "en", "value": "The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-03-11T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "46428", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46428"}, {"name": "DSA-2168", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2168"}, {"name": "ADV-2011-0410", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0410"}, {"name": "43371", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43371"}, {"name": "1025095", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025095"}, {"name": "ADV-2011-0411", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0411"}, {"name": "43407", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43407"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-0431", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46428", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46428"}, {"name": "DSA-2168", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2168"}, {"name": "ADV-2011-0410", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0410"}, {"name": "43371", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43371"}, {"name": "1025095", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025095"}, {"name": "ADV-2011-0411", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0411"}, {"name": "43407", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43407"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-0431", "datePublished": "2011-02-18T23:00:00", "dateReserved": "2011-01-12T00:00:00", "dateUpdated": "2011-03-11T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openafs:openafs:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D6F42FFC-9EA1-471C-8E5F-F8860BB2EA06", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "77998ED3-15AE-4547-AAF3-596F4DC7C399", "vulnerable": true}, {"criteria": "cpe:2.3:a:openafs:openafs:1.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "722F4AB9-D515-4616-996E-37C2A6007AA6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "La funci\u00f3n afs_linux_lock en afs/Linux/osi_vnodeops.c en el m\u00f3dulo del kernel en OpenAFS v1.4.14, v1.4.12, v1.4.7, y posiblemente otras versiones no controla correctamente los errores, que permite a atacantes provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos. NOTA: Algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."}], "id": "CVE-2011-0431", "lastModified": "2011-03-11T03:50:41.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-19T01:00:03.167", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43371"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43407"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2011/dsa-2168"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/46428"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1025095"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0410"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0411"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}