PT-2014-7217 · Linux+3 · Linux Kernel+3

Wade Mealing

Publicado

2014-09-19

Atualizado

2023-05-19

CVE-2014-6418

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Ceph versions prior to 3.16.3 Linux kernel versions prior to 3.16.3

Description The issue is related to the improper validation of auth replies in the net/ceph/auth x.c component. This can be exploited by remote attackers using crafted data from the IP address of a Ceph Monitor, potentially leading to a denial of service (system crash) or other unspecified impacts.

Recommendations For Ceph versions prior to 3.16.3, update to version 3.16.3 or later to resolve the issue. For Linux kernel versions prior to 3.16.3, update to version 3.16.3 or later to resolve the issue.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2014-2158

ALT-PU-2014-2159

CVE-2014-6418

USN-2376-1

USN-2377-1

USN-2378-1

USN-2379-1

Produtos afetados

Alt Linux

Ceph

Linux Kernel

Ubuntu

PT-2014-7217 · Linux+3 · Linux Kernel+3

CVE-2014-6418

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 32