Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.1
CVSSv2

CVE-2014-6418

Published: 28/09/2014 Updated: 07/11/2023
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
VMScore: 633
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

net/ceph/auth_x.c in Ceph, as used in the Linux kernel prior to 3.16.3, does not properly validate auth replies, which allows remote malicious users to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

canonical ubuntu linux 14.04

canonical ubuntu linux 12.04

Vendor Advisories

Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-ti-omap4 vulnerabilities
Several security issues were fixed in the kernel ...
Red Hat: CVE-2014-6418
net/ceph/auth_xc in Ceph, as used in the Linux kernel before 3163, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor ...

References

CWE-399http://www.openwall.com/lists/oss-security/2014/09/15/7http://tracker.ceph.com/issues/9561http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3http://tracker.ceph.com/issues/8979https://github.com/torvalds/linux/commit/c27a3e4d667fdcad3db7b104f75659478e0c68d8https://bugzilla.redhat.com/show_bug.cgi?id=1142073http://www.ubuntu.com/usn/USN-2377-1http://www.ubuntu.com/usn/USN-2376-1http://www.ubuntu.com/usn/USN-2379-1http://www.ubuntu.com/usn/USN-2378-1http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8https://nvd.nist.govhttps://usn.ubuntu.com/2376-1/https://access.redhat.com/security/cve/cve-2014-6418
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120CVE-2024-35921CVE-2024-35874brute forceCVE-2024-36080unprivilegedCVE-2024-35917IDORCVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook