Gentoo Linux Security Advisory 202105-39 - Multiple vulnerabilities have been found in Ceph, the worst of which could result in privilege escalation. Versions less than 14.2.21 are affected.
7ab3522f846f6a648172b2520a0ceaea2ea557ede4081b724f6d25d68464c1a9Ubuntu Security Notice 4706-1 - Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header injection via a CORS ExposeHeader tag. An attacker could use this to gain access or cause a crash. Various other issues were also addressed.
5ca5f6fbb96672b6cacce6e620542245a2be459f209d4b6805ec82e20023821fRed Hat Security Advisory 2021-0081-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. This package contains a new implementation of the original libtirpc, transport-independent RPC library for NFS-Ganesha. NFS-GANESHA is a NFS Server running in user space. It comes with various back-end modules provided as shared objects to support different file systems and name-spaces.
17dce88e2e15a0cea165212958e4b057227b0cd6687f9a062344666603c0b458Red Hat Security Advisory 2020-5325-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
075f8bf44f6f811a575e079675877d4ed64e3a9e786f7f3b20c3d1dd5948af59
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed