CVE-2009-1250

N/A Unknown

Published: April 09, 2009 Modified: April 23, 2026

Description

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/34655

Source: cve@mitre.org

http://secunia.com/advisories/34684

Source: cve@mitre.org

http://secunia.com/advisories/36310

Source: cve@mitre.org

http://secunia.com/advisories/42896

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-201101-05.xml

Source: cve@mitre.org

http://www-01.ibm.com/support/docview.wss?uid=swg21396389

Source: cve@mitre.org

http://www-1.ibm.com/support/docview.wss?uid=swg1ID71123

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1768

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2009:099

Source: cve@mitre.org

http://www.openafs.org/security/OPENAFS-SA-2009-002.txt

Source: cve@mitre.org

http://www.openafs.org/security/openafs-sa-2009-002.patch

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/34404

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/0984

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0117

Source: cve@mitre.org

http://secunia.com/advisories/34655

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34684

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/36310

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/42896

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201101-05.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21396389

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-1.ibm.com/support/docview.wss?uid=swg1ID71123

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1768

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2009:099

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openafs.org/security/OPENAFS-SA-2009-002.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openafs.org/security/openafs-sa-2009-002.patch

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/34404

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/0984

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0117

Source: af854a3a-2127-422b-91ae-364da2661108

28 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

5.8%

91th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-189

Affected Vendors

ibm openafs linux

Related CVEs

CVE-2026-7000 2.4

CVE-2026-6999 2.4

CVE-2026-6998 2.4

CVE-2026-6997 2.4

CVE-2026-6996 2.4