CVE-2014-6417
EPSS 5.2%
描述
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket.
如何修補 CVE-2014-6417
要修補 CVE-2014-6417,請將受影響套件升級到下列已修補版本。
- Debian/linux—升級至 3.16.3-1 或更新版本
CVE-2014-6417 正在被利用嗎?
中等 — EPSS 為 5.2%,可持續追蹤但非最高優先。
受影響套件(1)
- from 0, < 3.16.3-1