CVE-2015-3285
Published: 12 August 2015
The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.
Priority
Status
Package | Release | Status |
---|---|---|
openafs Launchpad, Ubuntu, Debian |
precise |
Released
(1.6.1-1+ubuntu0.6)
|
trusty |
Released
(1.6.7-1ubuntu1.1)
|
|
upstream |
Released
(1.6.13)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Not vulnerable
(1.6.14-1)
|
|
Patches: upstream: http://www.openafs.org/pages/security/openafs-sa-2015-004.patch |