OpenAFS · OpenAFS · CVE-2017-17432
**Name of the Vulnerable Software and Affected Versions**
OpenAFS versions 1.x before 1.6.22
**Description**
The affected versions do not properly validate fields in Rx ack packets. A remote attacker can send crafted Rx ack packets to cause a denial of service, resulting in a system crash or application crash. The crash occurs through an integer underflow and assertion failure, particularly with a small MTU value.
**Recommendations**
For OpenAFS versions 1.x before 1.6.22, update to version 1.6.22 or later to resolve the issue.