CVE-2013-1059

2013-07-0800:00:00

ubuntu.com

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.04 Low

EPSS

Percentile

92.0%

JSON

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote
attackers to cause a denial of service (NULL pointer dereference and system
crash) or possibly have unspecified other impact via an auth_reply message
that triggers an attempted build_request operation.

Bugs

<https://launchpad.net/bugs/1213824>

Notes

Author	Note
jj	other: https://bugzilla.redhat.com/attachment.cgi?id=767633&action=diff upstream: https://git.kernel.org/cgit/linux/kernel/git/sage/ceph-client.git/commit/?id=2cb33cac622afde897aa02d3dcd9fbba8bae839e

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux< 3.2.0-53.81UNKNOWN
ubuntu12.10noarchlinux< 3.5.0-39.60UNKNOWN
ubuntu13.04noarchlinux< 3.8.0-29.42UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1624.36UNKNOWN
ubuntu12.10noarchlinux-armadaxp< 3.5.0-1620.28UNKNOWN
ubuntu12.04noarchlinux-lts-quantal< 3.5.0-39.60~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-raring< 3.8.0-29.42~precise1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1437.56UNKNOWN
ubuntu12.10noarchlinux-ti-omap4< 3.5.0-231.47UNKNOWN
ubuntu13.04noarchlinux-ti-omap4< 3.5.0-231.47UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	linux	< 3.2.0-53.81	UNKNOWN
ubuntu	12.10	noarch	linux	< 3.5.0-39.60	UNKNOWN
ubuntu	13.04	noarch	linux	< 3.8.0-29.42	UNKNOWN
ubuntu	12.04	noarch	linux-armadaxp	< 3.2.0-1624.36	UNKNOWN
ubuntu	12.10	noarch	linux-armadaxp	< 3.5.0-1620.28	UNKNOWN
ubuntu	12.04	noarch	linux-lts-quantal	< 3.5.0-39.60~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-lts-raring	< 3.8.0-29.42~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-ti-omap4	< 3.2.0-1437.56	UNKNOWN
ubuntu	12.10	noarch	linux-ti-omap4	< 3.5.0-231.47	UNKNOWN
ubuntu	13.04	noarch	linux-ti-omap4	< 3.5.0-231.47	UNKNOWN