CVE-2024-10397

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-10397
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-10397.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-10397
Downstream
Published
2024-11-14T19:33:15.462Z
Modified
2026-05-14T06:48:43.982588990Z
Severity
  • 7.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Preallocated buffer overflows in XDR responses
Details

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.

Database specific 
{
    "cwe_ids": [
        "CWE-787"
    ],
    "cna_assigner": "fedora",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/10xxx/CVE-2024-10397.json"
}
References

Affected packages

Git / github.com/openafs/openafs

Affected ranges

Type
GIT
Repo
https://github.com/openafs/openafs
Events
Introduced
87c10e8d7f05dbbdf12ee9e8651dcec07e08af3f
Fixed
418214d1db7b52575afd6a8c478ca4968ba3ba05
Introduced
a08327fe2e74269d26eef1cddd7c9f9b7efa96e2
Fixed
04c4bd974e519cec15e9a7aece1feab11eee31c5
Introduced
0a7d0c30a940dbbafe3f97fa222750d95870df93
Fixed
2ab21bd6c0bbcc0e663c3b8b9521724316f0a611
Database specific 
{
    "extracted_events": [
        {
            "introduced": "1.0"
        },
        {
            "fixed": "1.6.24"
        },
        {
            "introduced": "1.8.0"
        },
        {
            "fixed": "1.8.12.2"
        },
        {
            "introduced": "1.9.0"
        },
        {
            "fixed": "1.9.1"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

Other
BP-disconnected
BP-openafs-devel-1_5_x
BP-openafs-devel-autoconf
BP-openafs-rxkad-krb5
BP-openafs-stable-1_0_x
BP-openafs-stable-1_2_x
BP-openafs-stable-1_4_x
BP-openafs-windows-kdfs-ifs
mp-rxtcp-20060314
mp-rxtcp-20060505
openafs-devel-1_3_0
openafs-devel-1_3_1
openafs-devel-1_3_50
openafs-devel-1_3_51
openafs-devel-1_3_60
openafs-devel-1_3_61
openafs-devel-1_3_62
openafs-devel-1_3_63
openafs-devel-1_3_64
openafs-devel-1_3_65
openafs-devel-1_3_66
openafs-devel-1_5_0
openafs-devel-1_5_1
openafs-devel-1_5_61
openafs-devel-1_5_62
openafs-devel-1_5_63
openafs-devel-1_5_64
openafs-devel-1_5_65
openafs-devel-1_5_66
openafs-devel-1_5_67
openafs-devel-1_5_68
openafs-devel-1_5_69
openafs-devel-1_5_70
openafs-devel-1_5_71
openafs-devel-1_5_72
openafs-devel-1_5_73
openafs-devel-1_5_73_1
openafs-devel-1_5_73_2
openafs-devel-1_5_73_3
openafs-devel-1_5_74
openafs-devel-1_5_74_1
openafs-devel-1_5_75
openafs-devel-1_5_76
openafs-devel-1_5_77
openafs-devel-1_5_78
openafs-devel-1_7_24
openafs-devel-1_9_0
openafs-devel-license-update
openafs-devel_1_3_3
openafs-ibm-1_0
openafs-root
openafs-rxkad-krb5-minimal
openafs-stable-1_0_1
openafs-stable-1_6_0
openafs-stable-1_6_0a
openafs-stable-1_6_0b
openafs-stable-1_6_0pre1
openafs-stable-1_6_0pre2
openafs-stable-1_6_0pre3
openafs-stable-1_6_0pre4
openafs-stable-1_6_0pre5
openafs-stable-1_6_0pre6
openafs-stable-1_6_0pre7
openafs-stable-1_6_10
openafs-stable-1_6_10pre1
openafs-stable-1_6_11
openafs-stable-1_6_11_1
openafs-stable-1_6_11pre1
openafs-stable-1_6_11pre2
openafs-stable-1_6_12
openafs-stable-1_6_12pre1
openafs-stable-1_6_12pre2
openafs-stable-1_6_13
openafs-stable-1_6_14
openafs-stable-1_6_14_1
openafs-stable-1_6_16
openafs-stable-1_6_16pre1
openafs-stable-1_6_17
openafs-stable-1_6_18
openafs-stable-1_6_18_1
openafs-stable-1_6_18_2
openafs-stable-1_6_18_3
openafs-stable-1_6_18pre1
openafs-stable-1_6_19
openafs-stable-1_6_19pre1
openafs-stable-1_6_1pre1
openafs-stable-1_6_1pre2
openafs-stable-1_6_2
openafs-stable-1_6_20
openafs-stable-1_6_20_1
openafs-stable-1_6_20_2
openafs-stable-1_6_21
openafs-stable-1_6_21_1
openafs-stable-1_6_21pre1
openafs-stable-1_6_22
openafs-stable-1_6_22_1
openafs-stable-1_6_22_2
openafs-stable-1_6_22_3
openafs-stable-1_6_22_4
openafs-stable-1_6_23
openafs-stable-1_6_2_1
openafs-stable-1_6_2pre1
openafs-stable-1_6_2pre2
openafs-stable-1_6_2pre3
openafs-stable-1_6_3
openafs-stable-1_6_3pre2
openafs-stable-1_6_3pre3
openafs-stable-1_6_4
openafs-stable-1_6_6
openafs-stable-1_6_6pre1
openafs-stable-1_6_6pre2
openafs-stable-1_6_8
openafs-stable-1_6_8pre1
openafs-stable-1_6_8pre2
openafs-stable-1_8_0
openafs-stable-1_8_1
openafs-stable-1_8_10
openafs-stable-1_8_10pre1
openafs-stable-1_8_11
openafs-stable-1_8_11pre1
openafs-stable-1_8_12
openafs-stable-1_8_12_1
openafs-stable-1_8_12pre1
openafs-stable-1_8_1_1
openafs-stable-1_8_1pre1
openafs-stable-1_8_1pre2
openafs-stable-1_8_2
openafs-stable-1_8_3
openafs-stable-1_8_3pre1
openafs-stable-1_8_4
openafs-stable-1_8_4pre1
openafs-stable-1_8_4pre2
openafs-stable-1_8_5
openafs-stable-1_8_6
openafs-stable-1_8_6pre1
openafs-stable-1_8_6pre2
openafs-stable-1_8_6pre3
openafs-stable-1_8_8
openafs-stable-1_8_8_1
openafs-stable-1_8_8pre1
openafs-stable-1_8_8pre2
openafs-stable-1_8_9
openafs-stable-1_8_9pre1
openafs-stable-1_8_9pre2
openafs_stable_1_6_14_1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-10397.json"