CVE-2014-2852

OpenAFS < 1.6.7 - Denial of Service via Invalid RXS_CheckResponse Packet

Title source: llm
STIX 2.1

Description

OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.

References (2)

Core 2
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2014/dsa-2899

Scores

EPSS 0.0129
EPSS Percentile 66.8%

Details

CWE
CWE-20
Status published
Products (10)
openafs/openafs 1.6.0
openafs/openafs 1.6.1
openafs/openafs 1.6.2
openafs/openafs 1.6.2.1
openafs/openafs 1.6.3
openafs/openafs 1.6.4
openafs/openafs 1.6.5
openafs/openafs 1.6.5.1
openafs/openafs 1.6.5.2
openafs/openafs < 1.6.6
Published Apr 14, 2014
Tracked Since Feb 18, 2026