Buffer overflow in OpenAFS

CVE-2015-3285

The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.

Vulnerability class: Buffer Overflow

EPSS: 0.004 (26.9th percentile)

Affected products

Weakness classification (CWE)

References