Launchpad.net

CVE 2015-7762

rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.

Related bugs and status

CVE-2015-7762 (Candidate) is related to these bugs:

Bug #1513461: OPENAFS-SA-2015-007 "Tattletale"

		In	Importance	Status
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu)	High	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Wily)	Undecided	Confirmed
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Trusty)	Undecided	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Xenial)	High	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Precise)	Undecided	Fix Released
1513461	OPENAFS-SA-2015-007 "Tattletale"	openafs (Ubuntu Vivid)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-7762

Related bugs and status

Related bugs

References