Information disclosure in Openafs

CVE-2015-7762

rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1…

Vulnerability class: Information Disclosure

EPSS: 0.021 (79.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References