CVE-2017-17432 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17432): OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.
@Maintainers please call for stabilization when ready.

Thank you
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c503fe8842939584872c31d6233dae71759e131d

commit c503fe8842939584872c31d6233dae71759e131d
Author: NP-Hardass <NP-Hardass@gentoo.org>
AuthorDate: 2017-12-11 19:00:51 +0000
Commit: NP-Hardass <NP-Hardass@gentoo.org>
CommitDate: 2017-12-11 19:06:34 +0000

    net-fs/openafs: Stable for amd64, x86

    Bug: https://bugs.gentoo.org/640536
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 net-fs/openafs/openafs-1.6.22.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=45f3e2841572db315afc15b33a7c616e560332fb

commit 45f3e2841572db315afc15b33a7c616e560332fb
Author: NP-Hardass <NP-Hardass@gentoo.org>
AuthorDate: 2017-12-11 18:57:30 +0000
Commit: NP-Hardass <NP-Hardass@gentoo.org>
CommitDate: 2017-12-11 19:06:32 +0000

    net-fs/openafs-kernel: Stable for amd64, x86

    Bug: https://bugs.gentoo.org/640536
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 net-fs/openafs-kernel/openafs-kernel-1.6.22.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=02e8c5da797f9c28df724f941d6e11db50b0cdd9

commit 02e8c5da797f9c28df724f941d6e11db50b0cdd9
Author: NP-Hardass <NP-Hardass@gentoo.org>
AuthorDate: 2017-12-11 18:49:13 +0000
Commit: NP-Hardass <NP-Hardass@gentoo.org>
CommitDate: 2017-12-11 19:06:31 +0000

    net-fs/openafs: Bump to 1.6.22

    CVE: 2017-17432
    Bug: https://bugs.gentoo.org/640536
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 net-fs/openafs/Manifest | 2 +
 net-fs/openafs/openafs-1.6.22.ebuild | 222 +++++++++++++++++++++++++++++++++++
 2 files changed, 224 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c7fa56850b76136df5394bf9dfabeeb32a23eca

commit 8c7fa56850b76136df5394bf9dfabeeb32a23eca
Author: NP-Hardass <NP-Hardass@gentoo.org>
AuthorDate: 2017-12-11 18:47:46 +0000
Commit: NP-Hardass <NP-Hardass@gentoo.org>
CommitDate: 2017-12-11 19:06:29 +0000

    net-fs/openafs-kernel: Bump to 1.6.22

    CVE: 2017-17432
    Bug: https://bugs.gentoo.org/640536
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 net-fs/openafs-kernel/Manifest | 1 +
 net-fs/openafs-kernel/openafs-kernel-1.6.22.ebuild | 134 +++++++++++++++++++++
 2 files changed, 135 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=775ef9dfac3c9a07e5ec226d0de448a8cdf95501

commit 775ef9dfac3c9a07e5ec226d0de448a8cdf95501
Author: NP-Hardass <NP-Hardass@gentoo.org>
AuthorDate: 2017-12-11 19:16:05 +0000
Commit: NP-Hardass <NP-Hardass@gentoo.org>
CommitDate: 2017-12-11 19:16:05 +0000

    net-fs/openafs-kernel: Drop older versions

    Bug: https://bugs.gentoo.org/640536
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 net-fs/openafs-kernel/Manifest | 5 -
 .../openafs-kernel/openafs-kernel-1.6.20.1.ebuild | 134 ---------------------
 .../openafs-kernel-1.6.20.2-r1.ebuild | 134 ---------------------
 .../openafs-kernel/openafs-kernel-1.6.21-r1.ebuild | 134 ---------------------
 .../openafs-kernel/openafs-kernel-1.6.21.1.ebuild | 134 ---------------------
 5 files changed, 541 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b628e20fc4a845b1fb5b848cca7c93f0124464da

commit b628e20fc4a845b1fb5b848cca7c93f0124464da
Author: NP-Hardass <NP-Hardass@gentoo.org>
AuthorDate: 2017-12-11 19:15:24 +0000
Commit: NP-Hardass <NP-Hardass@gentoo.org>
CommitDate: 2017-12-11 19:15:24 +0000

    net-fs/openafs: Drop older versions

    Bug: https://bugs.gentoo.org/640536
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 net-fs/openafs/Manifest | 9 --
 net-fs/openafs/openafs-1.6.20.1.ebuild | 222 ------------------------------
 net-fs/openafs/openafs-1.6.20.2-r1.ebuild | 222 ------------------------------
 net-fs/openafs/openafs-1.6.21-r1.ebuild | 222 ------------------------------
 net-fs/openafs/openafs-1.6.21.1.ebuild | 222 ------------------------------
 5 files changed, 897 deletions(-)
(In reply to Christopher Díaz Riveros from comment #1)
> @Maintainers please call for stabilization when ready.
>
> Thank you

Self stabilized for amd64, x86. Stable keywords dropped for sparc due to move from stable to experimental arch.

All vulnerable versions dropped from tree.

Feel free to move ahead with glsa process.
(In reply to NP-Hardass from comment #4)
> Self stabilized for amd64, x86. Stable keywords dropped for sparc due to
> move from stable to experimental arch.
>
> All vulnerable versions dropped from tree.
>
> Feel free to move ahead with glsa process.

Thank you, closing as FIXED.

GLSA Vote: No.