CVE-2013-1059

Name: CVE-2013-1059
Creator: NVD / NIST
Published: 2013-07-08T17:55:01.113+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 4.55%

Last modified Jun 16, 2026

CVE-2013-1059 is a vulnerability of currently unknown severity. net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.. EPSS estimates a 4.55% chance of exploitation in the next 30 days.

Description

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.

Metrics

EPSS Probability

4.55%

90.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-476

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	< 3.0.86
Linux	Linux Kernel	>= 3.1, < 3.2.49
Linux	Linux Kernel	>= 3.3, < 3.4.53
Linux	Linux Kernel	>= 3.5, < 3.9.10
Linux	Linux Kernel	3.10
Canonical	Ubuntu Linux	12.04

References

http://hkpco.kr/advisory/CVE-2013-1059.txtThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00012.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.htmlMailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/07/09/7Mailing List, Third Party Advisory
http://www.ubuntu.com/usn/USN-1941-1Third Party Advisory
http://www.ubuntu.com/usn/USN-1942-1Third Party Advisory
https://bugzilla.redhat.com/attachment.cgi?id=767633&action=diffIssue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=977356Issue Tracking, Third Party Advisory
http://hkpco.kr/advisory/CVE-2013-1059.txtThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00012.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.htmlMailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/07/09/7Mailing List, Third Party Advisory
http://www.ubuntu.com/usn/USN-1941-1Third Party Advisory
http://www.ubuntu.com/usn/USN-1942-1Third Party Advisory
https://bugzilla.redhat.com/attachment.cgi?id=767633&action=diffIssue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=977356Issue Tracking, Third Party Advisory

Timeline

Published: Jul 8, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-1059?

How severe is CVE-2013-1059?

Severity scoring for CVE-2013-1059 is pending analysis. The EPSS model estimates a 4.55% probability of exploitation in the next 30 days.

How do I fix CVE-2013-1059?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-1059?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST