net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 3.0.86 (excluding) |
Linux_kernel | Linux | 3.1 (including) | 3.2.49 (excluding) |
Linux_kernel | Linux | 3.3 (including) | 3.4.53 (excluding) |
Linux_kernel | Linux | 3.5 (including) | 3.9.10 (excluding) |
Linux_kernel | Linux | 3.10 (including) | 3.10 (including) |