CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
94.8%
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does
not properly consider the possibility of kmalloc failure, which allows
remote attackers to cause a denial of service (system crash) or possibly
have unspecified other impact via a long unencrypted auth ticket.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
tracker.ceph.com/issues/8979
launchpad.net/bugs/cve/CVE-2014-6417
nvd.nist.gov/vuln/detail/CVE-2014-6417
security-tracker.debian.org/tracker/CVE-2014-6417
ubuntu.com/security/notices/USN-2376-1
ubuntu.com/security/notices/USN-2377-1
ubuntu.com/security/notices/USN-2378-1
ubuntu.com/security/notices/USN-2379-1
www.cve.org/CVERecord?id=CVE-2014-6417