CVE-2015-3286

Published: 12 August 2015

Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG.

Notes

Author	Note
seth-arnold	Not affected, solaris kernel issue

Priority

Status

Package	Release	Status
openafs Launchpad, Ubuntu, Debian	precise	Not vulnerable
	trusty	Does not exist (trusty was not-affected)
	upstream	Released (1.6.13)
	vivid	Not vulnerable
	Patches: upstream: http://www.openafs.org/security/openafs-sa-2015-005.patch

References

http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt
https://www.cve.org/CVERecord?id=CVE-2015-3286
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›