net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 3.2.64 (excluding) |
Linux_kernel | Linux | 3.3 (including) | 3.4.105 (excluding) |
Linux_kernel | Linux | 3.5 (including) | 3.10.55 (excluding) |
Linux_kernel | Linux | 3.11 (including) | 3.12.29 (excluding) |
Linux_kernel | Linux | 3.13 (including) | 3.14.19 (excluding) |
Linux_kernel | Linux | 3.15 (including) | 3.16.3 (excluding) |