// For flags

CVE-2014-6418

 

Severity Score

7.1
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.

net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no valida debidamente las respuestas de autor válidas, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posiblemente tener otro impacto no especificado a través de datos manipulados de la dirección IP de un monitor Ceph.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-09-15 CVE Reserved
  • 2014-09-28 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-399: Resource Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
< 3.2.64
Search vendor "Linux" for product "Linux Kernel" and version " < 3.2.64"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.3 < 3.4.105
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.105"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.5 < 3.10.55
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.55"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.11 < 3.12.29
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.29"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.13 < 3.14.19
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.14.19"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.15 < 3.16.3
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 3.16.3"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
esm
Affected