CVE-2013-1059
Linux Kernel <= 3.10 - Denial of Service via Ceph Auth None Message Handling
Title source: llmDescription
net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.
References (10)
Core 10
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/07/09/7
Third Party Advisory x_refsource_misc
http://hkpco.kr/advisory/CVE-2013-1059.txt
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/attachment.cgi?id=767633&action=diff
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00012.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=977356
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1941-1
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1942-1
Scores
EPSS
0.0455
EPSS Percentile
90.4%
Details
CWE
CWE-476
Status
published
Products (3)
canonical/ubuntu_linux
12.04
linux/linux_kernel
3.10
linux/linux_kernel
< 3.0.86
Published
Jul 08, 2013
Tracked Since
Feb 18, 2026