CVE-2015-3285

medium

Description

The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.

References

https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13

https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html

http://www.securitytracker.com/id/1033262

http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt

http://www.debian.org/security/2015/dsa-3320

Details

Source: Mitre, NVD

Published: 2015-08-12

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

Detections

Analytics