From ${URL} : Description A vulnerability has been reported in Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error in Ceph when handling "auth_reply" messages. This can be exploited to crash the kernel by a specially crafted Ceph message. Successful exploitation requires that the kernel is built and configured with Ceph. The vulnerability is reported in versions 3.9.8 and 3.10. Other versions may also be affected. Solution: No official solution is currently available.
*** Bug 476446 has been marked as a duplicate of this bug. ***
CVE-2013-1059 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1059): net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.
According to CVE vulnerable versions are <3.9.10 and <3.10.1 @kernel team: please check and report
(In reply to Sergey Popov from comment #3) > According to CVE vulnerable versions are <3.9.10 and <3.10.1 Fix introduced in 3.0.86 as 314d3e7c43ea9125ef257dad74f494c0c82b7fe3. Fix introduced in 3.2.49 as 88a4055704b39e5c67c9cbc837cc15ec6a6d8671. Fix introduced in 3.4.53 as a0d7384148e8e828f71f46ab10698daca41e64d8. Fix introduced in 3.9.10 as fa074f3906ba77bc79d3b519e4a4b8ae08b98ea1. Fix introduced in 3.10.1 as b96e7dacf24315a84f71ba0f15a603ba5f82b010. > @kernel team: please check and report Only vulnerable version in tree is v3.8.13. Will decide soon with lead whether to backport (applies clean) or mask it.
(In reply to Tom Wijsman (TomWij) from comment #4) > Will decide soon with lead whether to backport (applies clean) or mask it. We have to decided to mask it to encourage users to upgrade to a more secure and stable release; 3.8.13 will then be removed from the Portage tree after 3.11 enters the Portage tree, giving people a reasonable amount of time to upgrade. Two questions: 1. Does this affect hardened-sources or is it not a problem there because they have patches or this in place? I see they have affected 3.9 versions. 2. What do we do about stabilized vulnerable package versions like =sys-kernel/tuxonice-sources-3.8.13? Do these fall outside security even when stable?
No 3.8.13 kernels are in the tree. Cleanup complete.