Simon Wilkinson

**Name of the Vulnerable Software and Affected Versions** OpenAFS versions 1.0 through 1.4.8 OpenAFS versions 1.5.0 through 1.5.58 OpenAFS versions prior to 1.6.5 **Description** The issue affects the cache manager in the client, allowing remote attackers to cause a denial of service, potentially leading to disruption of confidentiality, integrity, and availability of protected information. The exploitation can be done remotely, related to the use of the ERR PTR macro when handling an RX response with a large error-code value that is interpreted as a pointer and dereferenced. **Recommendations** For OpenAFS versions 1.0 through 1.4.8, update to a version later than 1.4.8. For OpenAFS versions 1.5.0 through 1.5.58, update to a version later than 1.5.58. For OpenAFS versions prior to 1.6.5, update to version 1.6.5 or later.

**Name of the Vulnerable Software and Affected Versions** OpenAFS versions 1.0 through 1.4.8 OpenAFS versions 1.5.0 through 1.5.58 **Description** The issue is related to a heap-based buffer overflow in the cache manager of the client in OpenAFS, which can be exploited by remote attackers. This can be achieved by sending an RX response containing more data than specified in a request, potentially leading to a denial of service or the execution of arbitrary code. The vulnerability is associated with the use of XDR arrays. Multiple vulnerabilities in the OpenAFS package can lead to breaches of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely. **Recommendations** For OpenAFS versions 1.0 through 1.4.8, update to version 1.4.9 or later. For OpenAFS versions 1.5.0 through 1.5.58, update to version 1.5.59 or later. As a temporary workaround, consider restricting access to the cache manager to minimize the risk of exploitation.