CVE-2015-3285 - Erethismic Popimp

Description

The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.

Reference

https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13 http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt http://www.debian.org/security/2015/dsa-3320 https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html http://www.securitytracker.com/id/1033262