CVE-2011-0431

Name of the Vulnerable Software and Affected Versions OpenAFS versions 1.4.7 through 1.4.14 OpenAFS versions prior to 1.6.5

Description The issue is related to the improper handling of errors in the afs linux lock function, which can lead to a denial of service. Additionally, there are multiple vulnerabilities in the openafs package that can compromise the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For OpenAFS versions 1.4.7 through 1.4.14, update to a version later than 1.4.14. For OpenAFS versions prior to 1.6.5, update to version 1.6.5 or later. As a temporary workaround, consider restricting access to the vulnerable function until a patch is available.