CVE-2015-3285

OpenAFS < 1.6.13 - Denial of Service via OSD FS Command Pioctl

Title source: llm
STIX 2.1

Description

The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033262
Various Sources x_refsource_confirm
https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3320
Vendor Advisory mailing-list x_refsource_mlist
https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html

Scores

EPSS 0.0035
EPSS Percentile 27.1%

Details

CWE
CWE-119
Status published
Products (1)
openafs/openafs < 1.6.12
Published Aug 12, 2015
Tracked Since Feb 18, 2026