CVE-2015-8312

Published: May 13, 2016Modified: May 6, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.

Affected (3)

Products: Openafs: Openafs · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openafs Openafs	Up to 1.6.15

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Related CWEs

CWE-189

References (6)

http://git.openafs.org/?p=openafs.git%3Ba=commitdiff%3Bh=2ef863720da4d9f368aaca0461c672a3008195ca

Source: cve@mitre.org

http://www.debian.org/security/2016/dsa-3569

Source: cve@mitre.org

Third Party Advisory

https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16

Source: cve@mitre.org

Vendor Advisory

http://git.openafs.org/?p=openafs.git%3Ba=commitdiff%3Bh=2ef863720da4d9f368aaca0461c672a3008195ca

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2016/dsa-3569

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.