Published: 28/09/2014 Updated: 07/11/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

net/ceph/auth_x.c in Ceph, as used in the Linux kernel prior to 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote malicious users to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several security issues were fixed in the kernel ...

net/ceph/auth_xc in Ceph, as used in the Linux kernel before 3163, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket ...

CWE-399 http://www.openwall.com/lists/oss-security/2014/09/15/7 https://github.com/torvalds/linux/commit/c27a3e4d667fdcad3db7b104f75659478e0c68d8 https://bugzilla.redhat.com/show_bug.cgi?id=1142072 http://tracker.ceph.com/issues/9560 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 http://tracker.ceph.com/issues/8979 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2379-1 http://www.ubuntu.com/usn/USN-2378-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 https://nvd.nist.gov https://usn.ubuntu.com/2376-1/https://access.redhat.com/security/cve/cve-2014-6417

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-6417

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect