A flaw was found in the kernels handling of ceph authentication tickets.
The auth reply could be returned to a client unvalidated.
This issue did not affect the versions of the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7.0 and Red Hat Enterprise MRG 2 (as they did not include support for this feature).
The tracking bug [bug 1142287] has been closed as dupe, being tracked in BZ 1142285.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):