net/ceph/authnone.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an authreply message that triggers an attempted build_request operation.