Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-1129 (GCVE-0-2018-1129)
Vulnerability from cvelistv5 – Published: 2018-07-10 14:00 – Updated: 2024-09-17 01:45
VLAI
EPSS
Summary
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
Severity
No CVSS data available.
CWE
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2018:2261 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:2177 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=1576057 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:2179 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:2274 | vendor-advisoryx_refsource_REDHAT |
| http://tracker.ceph.com/issues/24837 | x_refsource_CONFIRM |
| https://github.com/ceph/ceph/commit/8f396cf35a382… | x_refsource_CONFIRM |
| https://www.debian.org/security/2018/dsa-4339 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2019… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://packetstormsecurity.com/files/154245/Kerne… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | ceph |
Affected:
all versions in branches master, mimic, luminous and jewel
|
Date Public
2018-07-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:2261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"name": "RHSA-2018:2177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"name": "RHSA-2018:2179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"name": "RHSA-2018:2274",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tracker.ceph.com/issues/24837"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"name": "DSA-4339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "openSUSE-SU-2019:1284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ceph",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "all versions in branches master, mimic, luminous and jewel"
}
]
}
],
"datePublic": "2018-07-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-29T02:06:08.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2018:2261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"name": "RHSA-2018:2177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"name": "RHSA-2018:2179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"name": "RHSA-2018:2274",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tracker.ceph.com/issues/24837"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"name": "DSA-4339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "openSUSE-SU-2019:1284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2018-07-09T00:00:00",
"ID": "CVE-2018-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ceph",
"version": {
"version_data": [
{
"version_value": "all versions in branches master, mimic, luminous and jewel"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2261",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"name": "RHSA-2018:2177",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"name": "RHSA-2018:2179",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"name": "RHSA-2018:2274",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"name": "http://tracker.ceph.com/issues/24837",
"refsource": "CONFIRM",
"url": "http://tracker.ceph.com/issues/24837"
},
{
"name": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587",
"refsource": "CONFIRM",
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"name": "DSA-4339",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "openSUSE-SU-2019:1284",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"name": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1129",
"datePublished": "2018-07-10T14:00:00.000Z",
"dateReserved": "2017-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:45:51.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-1129",
"date": "2026-05-27",
"epss": "0.00348",
"percentile": "0.57489"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26E67C3A-4458-4DC9-B40E-C0B285C87211\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9184616-421F-4EA9-AC1A-A4C95BBAAC99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C2EBAD9-F0D5-4176-9C4D-001B230E699E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD2F9BA8-FE0A-43DE-A756-C35A24C3D96E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA5F5227-DBDA-4C01-BF7C-4D53F455404F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A80BACB5-7A56-4BC6-9261-58A3860F4E8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8901022A-8A84-494A-A5BF-358F2CBBDFFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76788B0A-7776-4D0C-B0D7-C855E9A0231E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A925DB4-83DC-45D1-A48B-1675A111213B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D22BA440-CB28-445C-A7F8-CBD6E8965B2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A503C653-AFEB-4E5A-872B-AD033C0E2259\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C00462A-A1B8-42A7-9336-DE1BF5510B6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3505D4E2-4EA8-40A4-A57C-46CCA9922EF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09EC481B-79F0-41DB-B95F-D1A221C96F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31F159B5-AF02-48BE-B994-749F21B9D362\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9684039-7938-405D-B833-4C54BFBD6476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FAE4350-8F39-4E78-AB25-17DE76FD57AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B2369D2-4413-447C-A0A8-84CA37B1F5B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3515BF53-4921-462F-820E-B842BB3FF066\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48067E54-26F5-4020-BCEA-A65C2536618B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9A86B91-78C3-4D02-B7C8-11AAFB1CCCEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDBD084F-4A0B-4231-8465-61F8BE5E57F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0885F67A-E01B-4BF2-A760-D452B55C5F69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB9D95E9-52F3-459C-89AD-6FCA6A975085\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"087C6821-9A77-4CC8-8AA0-2C51414D9B58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A667C6AF-76D4-4192-A8BF-395F368EFAE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13BF6806-6E69-4172-9260-2E97FB253339\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCAE0EE4-BBE9-4DBD-84CC-9A72E97E73E6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1E78106-58E6-4D59-990F-75DA575BFAD9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.\"}, {\"lang\": \"es\", \"value\": \"Se ha encontrado un error en la forma en la que el c\\u00e1lculo de firmas es gestionado por el protocolo de autenticaci\\u00f3n cephx. Un atacante que tenga acceso a la red de cl\\u00fasters ceph y que pueda alterar la carga \\u00fatil de los mensajes podr\\u00eda omitir las comprobaciones de firma realizadas por el protocolo cephx. Se cree que las ramas de ceph master, mimic, luminous y jewel son vulnerables.\"}]",
"id": "CVE-2018-1129",
"lastModified": "2024-11-21T03:59:15.087",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 3.3, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.5, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-07-10T14:29:00.417",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://tracker.ceph.com/issues/24837\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2177\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2179\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2261\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2274\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1576057\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4339\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://tracker.ceph.com/issues/24837\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2177\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2261\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2274\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1576057\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4339\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-1129\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-07-10T14:29:00.417\",\"lastModified\":\"2024-11-21T03:59:15.087\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado un error en la forma en la que el c\u00e1lculo de firmas es gestionado por el protocolo de autenticaci\u00f3n cephx. Un atacante que tenga acceso a la red de cl\u00fasters ceph y que pueda alterar la carga \u00fatil de los mensajes podr\u00eda omitir las comprobaciones de firma realizadas por el protocolo cephx. Se cree que las ramas de ceph master, mimic, luminous y jewel son vulnerables.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":3.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E67C3A-4458-4DC9-B40E-C0B285C87211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9184616-421F-4EA9-AC1A-A4C95BBAAC99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C2EBAD9-F0D5-4176-9C4D-001B230E699E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD2F9BA8-FE0A-43DE-A756-C35A24C3D96E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA5F5227-DBDA-4C01-BF7C-4D53F455404F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A80BACB5-7A56-4BC6-9261-58A3860F4E8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8901022A-8A84-494A-A5BF-358F2CBBDFFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76788B0A-7776-4D0C-B0D7-C855E9A0231E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A925DB4-83DC-45D1-A48B-1675A111213B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D22BA440-CB28-445C-A7F8-CBD6E8965B2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A503C653-AFEB-4E5A-872B-AD033C0E2259\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C00462A-A1B8-42A7-9336-DE1BF5510B6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3505D4E2-4EA8-40A4-A57C-46CCA9922EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09EC481B-79F0-41DB-B95F-D1A221C96F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31F159B5-AF02-48BE-B994-749F21B9D362\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9684039-7938-405D-B833-4C54BFBD6476\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FAE4350-8F39-4E78-AB25-17DE76FD57AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B2369D2-4413-447C-A0A8-84CA37B1F5B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3515BF53-4921-462F-820E-B842BB3FF066\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48067E54-26F5-4020-BCEA-A65C2536618B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9A86B91-78C3-4D02-B7C8-11AAFB1CCCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDBD084F-4A0B-4231-8465-61F8BE5E57F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0885F67A-E01B-4BF2-A760-D452B55C5F69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB9D95E9-52F3-459C-89AD-6FCA6A975085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"087C6821-9A77-4CC8-8AA0-2C51414D9B58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A667C6AF-76D4-4192-A8BF-395F368EFAE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13BF6806-6E69-4172-9260-2E97FB253339\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCAE0EE4-BBE9-4DBD-84CC-9A72E97E73E6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://tracker.ceph.com/issues/24837\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2177\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2179\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2261\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2274\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1576057\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4339\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tracker.ceph.com/issues/24837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2177\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2261\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1576057\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4339\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CNVD-2018-17722
Vulnerability from cnvd - Published: 2018-09-06
VLAI
Title
Red Hat Ceph弱签名漏洞
Description
Red Hat Ceph是美国红帽(Red Hat)公司的一套Linux PB级分布式文件系统。该系统的主要目标是设计成基于POSIX(可移植操作系统接口)的没有单点故障的分布式文件系统,使数据能容错和无缝的复制。Ceph branches master、mimic、luminous和jewel都是不同的Ceph版本。
Red Hat Ceph中存在安全漏洞,该漏洞源于程序使用了较弱的签名。攻击者可利用该漏洞绕过cephx协议的签名检测。
Severity
中
Patch Name
Red Hat Ceph弱签名漏洞的补丁
Patch Description
Red Hat Ceph是美国红帽(Red Hat)公司的一套Linux PB级分布式文件系统。该系统的主要目标是设计成基于POSIX(可移植操作系统接口)的没有单点故障的分布式文件系统,使数据能容错和无缝的复制。Ceph branches master、mimic、luminous和jewel都是不同的Ceph版本。
Red Hat Ceph中存在安全漏洞,该漏洞源于程序使用了较弱的签名。攻击者可利用该漏洞绕过cephx协议的签名检测。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: http://tracker.ceph.com/issues/24837
Reference
http://tracker.ceph.com/issues/24837
Impacted products
| Name | Red Hat Ceph |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-1129",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1129"
}
},
"description": "Red Hat Ceph\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957Linux PB\u7ea7\u5206\u5e03\u5f0f\u6587\u4ef6\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u7684\u4e3b\u8981\u76ee\u6807\u662f\u8bbe\u8ba1\u6210\u57fa\u4e8ePOSIX\uff08\u53ef\u79fb\u690d\u64cd\u4f5c\u7cfb\u7edf\u63a5\u53e3\uff09\u7684\u6ca1\u6709\u5355\u70b9\u6545\u969c\u7684\u5206\u5e03\u5f0f\u6587\u4ef6\u7cfb\u7edf\uff0c\u4f7f\u6570\u636e\u80fd\u5bb9\u9519\u548c\u65e0\u7f1d\u7684\u590d\u5236\u3002Ceph branches master\u3001mimic\u3001luminous\u548cjewel\u90fd\u662f\u4e0d\u540c\u7684Ceph\u7248\u672c\u3002\r\n\r\nRed Hat Ceph\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e86\u8f83\u5f31\u7684\u7b7e\u540d\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7cephx\u534f\u8bae\u7684\u7b7e\u540d\u68c0\u6d4b\u3002",
"discovererName": "Siddharth Sharma",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://tracker.ceph.com/issues/24837",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-17722",
"openTime": "2018-09-06",
"patchDescription": "Red Hat Ceph\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957Linux PB\u7ea7\u5206\u5e03\u5f0f\u6587\u4ef6\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u7684\u4e3b\u8981\u76ee\u6807\u662f\u8bbe\u8ba1\u6210\u57fa\u4e8ePOSIX\uff08\u53ef\u79fb\u690d\u64cd\u4f5c\u7cfb\u7edf\u63a5\u53e3\uff09\u7684\u6ca1\u6709\u5355\u70b9\u6545\u969c\u7684\u5206\u5e03\u5f0f\u6587\u4ef6\u7cfb\u7edf\uff0c\u4f7f\u6570\u636e\u80fd\u5bb9\u9519\u548c\u65e0\u7f1d\u7684\u590d\u5236\u3002Ceph branches master\u3001mimic\u3001luminous\u548cjewel\u90fd\u662f\u4e0d\u540c\u7684Ceph\u7248\u672c\u3002\r\n\r\nRed Hat Ceph\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e86\u8f83\u5f31\u7684\u7b7e\u540d\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7cephx\u534f\u8bae\u7684\u7b7e\u540d\u68c0\u6d4b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Red Hat Ceph\u5f31\u7b7e\u540d\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Red Hat Ceph"
},
"referenceLink": "http://tracker.ceph.com/issues/24837",
"serverity": "\u4e2d",
"submitTime": "2018-07-25",
"title": "Red Hat Ceph\u5f31\u7b7e\u540d\u6f0f\u6d1e"
}
FKIE_CVE-2018-1129
Vulnerability from fkie_nvd - Published: 2018-07-10 14:29 - Updated: 2024-11-21 03:59
Severity
Summary
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ceph_storage | 1.3 | |
| redhat | ceph_storage | 3 | |
| redhat | ceph_storage_mon | 2 | |
| redhat | ceph_storage_mon | 3 | |
| redhat | ceph_storage_osd | 2 | |
| redhat | ceph_storage_osd | 3 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| ceph | ceph | 10.2.0 | |
| ceph | ceph | 10.2.1 | |
| ceph | ceph | 10.2.2 | |
| ceph | ceph | 10.2.3 | |
| ceph | ceph | 10.2.4 | |
| ceph | ceph | 10.2.5 | |
| ceph | ceph | 10.2.6 | |
| ceph | ceph | 10.2.7 | |
| ceph | ceph | 10.2.8 | |
| ceph | ceph | 10.2.9 | |
| ceph | ceph | 10.2.10 | |
| ceph | ceph | 10.2.11 | |
| ceph | ceph | 12.2.0 | |
| ceph | ceph | 12.2.1 | |
| ceph | ceph | 12.2.2 | |
| ceph | ceph | 12.2.3 | |
| ceph | ceph | 12.2.4 | |
| ceph | ceph | 12.2.5 | |
| ceph | ceph | 12.2.6 | |
| ceph | ceph | 12.2.7 | |
| ceph | ceph | 13.2.0 | |
| ceph | ceph | 13.2.1 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| opensuse | leap | 15.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:ceph_storage:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26E67C3A-4458-4DC9-B40E-C0B285C87211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9184616-421F-4EA9-AC1A-A4C95BBAAC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2EBAD9-F0D5-4176-9C4D-001B230E699E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2F9BA8-FE0A-43DE-A756-C35A24C3D96E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5F5227-DBDA-4C01-BF7C-4D53F455404F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*",
"matchCriteriaId": "A80BACB5-7A56-4BC6-9261-58A3860F4E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8901022A-8A84-494A-A5BF-358F2CBBDFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76788B0A-7776-4D0C-B0D7-C855E9A0231E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A925DB4-83DC-45D1-A48B-1675A111213B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D22BA440-CB28-445C-A7F8-CBD6E8965B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A503C653-AFEB-4E5A-872B-AD033C0E2259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7C00462A-A1B8-42A7-9336-DE1BF5510B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3505D4E2-4EA8-40A4-A57C-46CCA9922EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "09EC481B-79F0-41DB-B95F-D1A221C96F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "31F159B5-AF02-48BE-B994-749F21B9D362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D9684039-7938-405D-B833-4C54BFBD6476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8FAE4350-8F39-4E78-AB25-17DE76FD57AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2369D2-4413-447C-A0A8-84CA37B1F5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3515BF53-4921-462F-820E-B842BB3FF066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48067E54-26F5-4020-BCEA-A65C2536618B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A86B91-78C3-4D02-B7C8-11AAFB1CCCEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBD084F-4A0B-4231-8465-61F8BE5E57F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0885F67A-E01B-4BF2-A760-D452B55C5F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9D95E9-52F3-459C-89AD-6FCA6A975085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "087C6821-9A77-4CC8-8AA0-2C51414D9B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A667C6AF-76D4-4192-A8BF-395F368EFAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13BF6806-6E69-4172-9260-2E97FB253339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAE0EE4-BBE9-4DBD-84CC-9A72E97E73E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable."
},
{
"lang": "es",
"value": "Se ha encontrado un error en la forma en la que el c\u00e1lculo de firmas es gestionado por el protocolo de autenticaci\u00f3n cephx. Un atacante que tenga acceso a la red de cl\u00fasters ceph y que pueda alterar la carga \u00fatil de los mensajes podr\u00eda omitir las comprobaciones de firma realizadas por el protocolo cephx. Se cree que las ramas de ceph master, mimic, luminous y jewel son vulnerables."
}
],
"id": "CVE-2018-1129",
"lastModified": "2024-11-21T03:59:15.087",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-10T14:29:00.417",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://tracker.ceph.com/issues/24837"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://tracker.ceph.com/issues/24837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4339"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-7QC9-W55V-W7P3
Vulnerability from github – Published: 2022-05-14 00:52 – Updated: 2022-05-14 00:52
VLAI
Details
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
Severity
6.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2018-1129"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-10T14:29:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.",
"id": "GHSA-7qc9-w55v-w7p3",
"modified": "2022-05-14T00:52:10Z",
"published": "2022-05-14T00:52:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129"
},
{
"type": "WEB",
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
},
{
"type": "WEB",
"url": "http://tracker.ceph.com/issues/24837"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2018-1129
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-1129",
"description": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.",
"id": "GSD-2018-1129",
"references": [
"https://www.suse.com/security/cve/CVE-2018-1129.html",
"https://www.debian.org/security/2018/dsa-4339",
"https://access.redhat.com/errata/RHSA-2018:2274",
"https://access.redhat.com/errata/RHSA-2018:2261",
"https://access.redhat.com/errata/RHSA-2018:2179",
"https://access.redhat.com/errata/RHSA-2018:2177",
"https://advisories.mageia.org/CVE-2018-1129.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-1129"
],
"details": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.",
"id": "GSD-2018-1129",
"modified": "2023-12-13T01:22:36.890004Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2018-07-09T00:00:00",
"ID": "CVE-2018-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ceph",
"version": {
"version_data": [
{
"version_value": "all versions in branches master, mimic, luminous and jewel"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2261",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"name": "RHSA-2018:2177",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"name": "RHSA-2018:2179",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"name": "RHSA-2018:2274",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"name": "http://tracker.ceph.com/issues/24837",
"refsource": "CONFIRM",
"url": "http://tracker.ceph.com/issues/24837"
},
{
"name": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587",
"refsource": "CONFIRM",
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"name": "DSA-4339",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "openSUSE-SU-2019:1284",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"name": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:ceph_storage:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-1129"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"name": "http://tracker.ceph.com/issues/24837",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://tracker.ceph.com/issues/24837"
},
{
"name": "RHSA-2018:2179",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"name": "RHSA-2018:2177",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"name": "RHSA-2018:2274",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"name": "RHSA-2018:2261",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"name": "DSA-4339",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4339"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "openSUSE-SU-2019:1284",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"
},
{
"name": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-08-29T03:15Z",
"publishedDate": "2018-07-10T14:29Z"
}
}
}
MSRC_CVE-2018-1129
Vulnerability from csaf_microsoft - Published: 2018-07-02 00:00 - Updated: 2026-02-18 03:12Summary
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 16939-17084 | — | ||
| Unresolved product id: 16939-16817 | — | ||
| Unresolved product id: 19856-17084 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2018/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2018/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2018-1129 A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2018/msrc_cve-2018-1129.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable.",
"tracking": {
"current_release_date": "2026-02-18T03:12:02.000Z",
"generator": {
"date": "2026-02-18T12:54:21.011Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2018-1129",
"initial_release_date": "2018-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2024-06-30T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T03:12:02.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "16817"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 ceph 18.2.1-1",
"product": {
"name": "\u003cazl3 ceph 18.2.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 ceph 18.2.1-1",
"product": {
"name": "azl3 ceph 18.2.1-1",
"product_id": "16939"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 ceph 18.2.1-1",
"product": {
"name": "\u003cazl3 ceph 18.2.1-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 ceph 18.2.1-1",
"product": {
"name": "azl3 ceph 18.2.1-1",
"product_id": "16939"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 ceph 16.2.10-3",
"product": {
"name": "\u003cazl3 ceph 16.2.10-3",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 ceph 16.2.10-3",
"product": {
"name": "azl3 ceph 16.2.10-3",
"product_id": "19856"
}
}
],
"category": "product_name",
"name": "ceph"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 ceph 18.2.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ceph 18.2.1-1 as a component of Azure Linux 3.0",
"product_id": "16939-17084"
},
"product_reference": "16939",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 ceph 18.2.1-1 as a component of Azure Linux 3.0",
"product_id": "16817-3"
},
"product_reference": "3",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ceph 18.2.1-1 as a component of Azure Linux 3.0",
"product_id": "16939-16817"
},
"product_reference": "16939",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 ceph 16.2.10-3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ceph 16.2.10-3 as a component of Azure Linux 3.0",
"product_id": "19856-17084"
},
"product_reference": "19856",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1129",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16939-17084",
"16939-16817",
"19856-17084"
],
"known_affected": [
"17084-2",
"16817-3",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2018-1129 A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2018/msrc_cve-2018-1129.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "18.2.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2",
"16817-3",
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"17084-2",
"16817-3",
"17084-1"
]
}
],
"title": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable."
}
]
}
OPENSUSE-SU-2019:1284-1
Vulnerability from csaf_opensuse - Published: 2019-04-27 15:48 - Updated: 2019-04-27 15:48Summary
Security update for ceph
Severity
Moderate
Notes
Title of the patch: Security update for ceph
Description of the patch: This update for ceph version 13.2.4 fixes the following issues:
Security issues fixed:
- CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety (bsc#1111177)
- CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon (bsc#1099162)
- CVE-2018-1128: Fixed signature check bypass in cephx (bsc#1096748)
- CVE-2018-1129: Fixed replay attack in cephx protocol (bsc#1096748)
- CVE-2018-16846: Enforced bounds on max-keys/max-uploads/max-parts in rgw (bsc#1114710)
Non-security issues fixed:
- ceph-volume Python 3 fixes (bsc#1114567)
- Fixed python3 module loading (bsc#1086613)
- Fixed an issue where ceph build fails (bsc#1084645)
- ceph's SPDK builds with march=native (bsc#1101262)
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-1284
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.3 (High)
Affected products
Recommended
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.5 (Medium)
Affected products
Recommended
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ceph",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ceph version 13.2.4 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-14662: Fixed an issue with LUKS \u0027config-key\u0027 safety (bsc#1111177)\n- CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon (bsc#1099162)\n- CVE-2018-1128: Fixed signature check bypass in cephx (bsc#1096748)\n- CVE-2018-1129: Fixed replay attack in cephx protocol (bsc#1096748)\n- CVE-2018-16846: Enforced bounds on max-keys/max-uploads/max-parts in rgw (bsc#1114710)\n\nNon-security issues fixed:\n\n- ceph-volume Python 3 fixes (bsc#1114567)\n- Fixed python3 module loading (bsc#1086613)\n- Fixed an issue where ceph build fails (bsc#1084645)\n- ceph\u0027s SPDK builds with march=native (bsc#1101262)\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-1284",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1284-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:1284-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3PBU365BKTDZHLKZL2NDWGZPNQHYX4IW/#3PBU365BKTDZHLKZL2NDWGZPNQHYX4IW"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:1284-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3PBU365BKTDZHLKZL2NDWGZPNQHYX4IW/#3PBU365BKTDZHLKZL2NDWGZPNQHYX4IW"
},
{
"category": "self",
"summary": "SUSE Bug 1084645",
"url": "https://bugzilla.suse.com/1084645"
},
{
"category": "self",
"summary": "SUSE Bug 1086613",
"url": "https://bugzilla.suse.com/1086613"
},
{
"category": "self",
"summary": "SUSE Bug 1096748",
"url": "https://bugzilla.suse.com/1096748"
},
{
"category": "self",
"summary": "SUSE Bug 1099162",
"url": "https://bugzilla.suse.com/1099162"
},
{
"category": "self",
"summary": "SUSE Bug 1101262",
"url": "https://bugzilla.suse.com/1101262"
},
{
"category": "self",
"summary": "SUSE Bug 1111177",
"url": "https://bugzilla.suse.com/1111177"
},
{
"category": "self",
"summary": "SUSE Bug 1114567",
"url": "https://bugzilla.suse.com/1114567"
},
{
"category": "self",
"summary": "SUSE Bug 1114710",
"url": "https://bugzilla.suse.com/1114710"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10861 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1128 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1129 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14662 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16846 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16846/"
}
],
"title": "Security update for ceph",
"tracking": {
"current_release_date": "2019-04-27T15:48:20Z",
"generator": {
"date": "2019-04-27T15:48:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:1284-1",
"initial_release_date": "2019-04-27T15:48:20Z",
"revision_history": [
{
"date": "2019-04-27T15:48:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product": {
"name": "rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"product_id": "rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
},
"product_reference": "rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10861"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10861",
"url": "https://www.suse.com/security/cve/CVE-2018-10861"
},
{
"category": "external",
"summary": "SUSE Bug 1099162 for CVE-2018-10861",
"url": "https://bugzilla.suse.com/1099162"
},
{
"category": "external",
"summary": "SUSE Bug 1114710 for CVE-2018-10861",
"url": "https://bugzilla.suse.com/1114710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-27T15:48:20Z",
"details": "important"
}
],
"title": "CVE-2018-10861"
},
{
"cve": "CVE-2018-1128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1128"
}
],
"notes": [
{
"category": "general",
"text": "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1128",
"url": "https://www.suse.com/security/cve/CVE-2018-1128"
},
{
"category": "external",
"summary": "SUSE Bug 1096748 for CVE-2018-1128",
"url": "https://bugzilla.suse.com/1096748"
},
{
"category": "external",
"summary": "SUSE Bug 1114710 for CVE-2018-1128",
"url": "https://bugzilla.suse.com/1114710"
},
{
"category": "external",
"summary": "SUSE Bug 1177843 for CVE-2018-1128",
"url": "https://bugzilla.suse.com/1177843"
},
{
"category": "external",
"summary": "SUSE Bug 1177859 for CVE-2018-1128",
"url": "https://bugzilla.suse.com/1177859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-27T15:48:20Z",
"details": "important"
}
],
"title": "CVE-2018-1128"
},
{
"cve": "CVE-2018-1129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1129"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1129",
"url": "https://www.suse.com/security/cve/CVE-2018-1129"
},
{
"category": "external",
"summary": "SUSE Bug 1096748 for CVE-2018-1129",
"url": "https://bugzilla.suse.com/1096748"
},
{
"category": "external",
"summary": "SUSE Bug 1114710 for CVE-2018-1129",
"url": "https://bugzilla.suse.com/1114710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-27T15:48:20Z",
"details": "important"
}
],
"title": "CVE-2018-1129"
},
{
"cve": "CVE-2018-14662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14662"
}
],
"notes": [
{
"category": "general",
"text": "It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14662",
"url": "https://www.suse.com/security/cve/CVE-2018-14662"
},
{
"category": "external",
"summary": "SUSE Bug 1111177 for CVE-2018-14662",
"url": "https://bugzilla.suse.com/1111177"
},
{
"category": "external",
"summary": "SUSE Bug 1114710 for CVE-2018-14662",
"url": "https://bugzilla.suse.com/1114710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-27T15:48:20Z",
"details": "low"
}
],
"title": "CVE-2018-14662"
},
{
"cve": "CVE-2018-16846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16846"
}
],
"notes": [
{
"category": "general",
"text": "It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16846",
"url": "https://www.suse.com/security/cve/CVE-2018-16846"
},
{
"category": "external",
"summary": "SUSE Bug 1114710 for CVE-2018-16846",
"url": "https://bugzilla.suse.com/1114710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:ceph-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-base-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-common-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mds-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mgr-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-mon-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-osd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-radosgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-resource-agents-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:ceph-test-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libcephfs2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librados2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:libradosstriper1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librbd1-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:librgw2-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-cephfs-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rados-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:python3-rgw-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rados-objclass-devel-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-fuse-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-mirror-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64",
"openSUSE Leap 15.0:rbd-nbd-13.2.4.125+gad802694f5-lp150.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-27T15:48:20Z",
"details": "moderate"
}
],
"title": "CVE-2018-16846"
}
]
}
RHSA-2018:2177
Vulnerability from csaf_redhat - Published: 2018-07-11 18:11 - Updated: 2025-11-21 18:05Summary
Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update
Severity
Moderate
Notes
Topic: An update for ceph is now available for Red Hat Ceph Storage 3.0 for Red
Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.
Security Fix(es):
* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)
* ceph: cephx uses weak signatures (CVE-2018-1129)
* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Previously, Ceph RADOS Gateway (RGW) instances in zones configured for multi-site replication would crash if configured to disable sync ("rgw_run_sync_thread = false"). Therefor, multi-site replication environments could not start dedicated non-replication RGW instances. With this update, the "rgw_run_sync_thread" option can be used to configure RGW instances that will not participate in replication even if their zone is replicated. (BZ#1552202)
* Previously, when increasing "max_mds" from "1" to "2", if the Metadata Server (MDS) daemon was in the starting/resolve state for a long period of time, then restarting the MDS daemon lead to assert. This caused the Ceph File System (CephFS) to be in degraded state. With this update, increasing "max_mds" no longer causes CephFS to be in degraded state. (BZ#1566016)
* Previously, the transition to containerized Ceph left some "ceph-disk" unit files. The files were harmless, but appeared as failing. With this update, executing the "switch-from-non-containerized-to-containerized-ceph-daemons.yml" playbook disables the "ceph-disk" unit files too. (BZ#1577846)
* Previously, the "entries_behind_master" metric output from the "rbd mirror image status" CLI tool did not always reduce to zero under synthetic workloads. This could cause a false alarm that there is an issue with RBD mirroring replications. With this update, the metric is now updated periodically without the need for an explicit I/O flush in the workload. (BZ#1578509)
* Previously, when using the "pool create" command with "expected_num_objects", placement group (PG) directories were not pre-created at pool creation time as expected, resulting in performance drops when filestore splitting occurred. With this update, the "expected_num_objects" parameter is now passed through to filestore correctly, and PG directories for the expected number of objects are pre-created at pool creation time. (BZ#1579039)
* Previously, internal RADOS Gateway (RGW) multi-site sync logic behaved incorrectly when attempting to sync containers with S3 object versioning enabled. Objects in versioning-enabled containers would fail to sync in some scenarios—for example, when using "s3cmd sync" to mirror a filesystem directory. With this update, RGW multi-site replication logic has been corrected for the known failure cases. (BZ#1580497)
* When restarting OSD daemons, the "ceph-ansible" restart script goes through all the daemons by listing the units with systemctl list-units. Under certain circumstances, the output of the command contains extra spaces, which caused parsing and restart to fail. With this update, the underlying code has been changed to handle the extra space.
* Previously, the Ceph RADOS Gateway (RGW) server treated negative byte-range object requests ("bytes=0--1") as invalid. Applications that expect the AWS behavior for negative or other invalid range requests saw unexpected errors and could fail. With this update, a new option "rgw_ignore_get_invalid_range" has been added to RGW. When "rgw_ignore_get_invalid_range" is set to "true", the RGW behavior for invalid range requests is backwards compatible with AWS.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.
5.9 (Medium)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.
5.9 (Medium)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images
4.6 (Medium)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ceph is now available for Red Hat Ceph Storage 3.0 for Red\nHat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform\nthat combines the most stable version of the Ceph storage system with a\nCeph management platform, deployment utilities, and support services.\n\nSecurity Fix(es):\n\n* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)\n\n* ceph: cephx uses weak signatures (CVE-2018-1129)\n\n* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, Ceph RADOS Gateway (RGW) instances in zones configured for multi-site replication would crash if configured to disable sync (\"rgw_run_sync_thread = false\"). Therefor, multi-site replication environments could not start dedicated non-replication RGW instances. With this update, the \"rgw_run_sync_thread\" option can be used to configure RGW instances that will not participate in replication even if their zone is replicated. (BZ#1552202)\n\n* Previously, when increasing \"max_mds\" from \"1\" to \"2\", if the Metadata Server (MDS) daemon was in the starting/resolve state for a long period of time, then restarting the MDS daemon lead to assert. This caused the Ceph File System (CephFS) to be in degraded state. With this update, increasing \"max_mds\" no longer causes CephFS to be in degraded state. (BZ#1566016)\n\n* Previously, the transition to containerized Ceph left some \"ceph-disk\" unit files. The files were harmless, but appeared as failing. With this update, executing the \"switch-from-non-containerized-to-containerized-ceph-daemons.yml\" playbook disables the \"ceph-disk\" unit files too. (BZ#1577846)\n\n* Previously, the \"entries_behind_master\" metric output from the \"rbd mirror image status\" CLI tool did not always reduce to zero under synthetic workloads. This could cause a false alarm that there is an issue with RBD mirroring replications. With this update, the metric is now updated periodically without the need for an explicit I/O flush in the workload. (BZ#1578509)\n\n* Previously, when using the \"pool create\" command with \"expected_num_objects\", placement group (PG) directories were not pre-created at pool creation time as expected, resulting in performance drops when filestore splitting occurred. With this update, the \"expected_num_objects\" parameter is now passed through to filestore correctly, and PG directories for the expected number of objects are pre-created at pool creation time. (BZ#1579039)\n\n* Previously, internal RADOS Gateway (RGW) multi-site sync logic behaved incorrectly when attempting to sync containers with S3 object versioning enabled. Objects in versioning-enabled containers would fail to sync in some scenarios\u2014for example, when using \"s3cmd sync\" to mirror a filesystem directory. With this update, RGW multi-site replication logic has been corrected for the known failure cases. (BZ#1580497)\n\n* When restarting OSD daemons, the \"ceph-ansible\" restart script goes through all the daemons by listing the units with systemctl list-units. Under certain circumstances, the output of the command contains extra spaces, which caused parsing and restart to fail. With this update, the underlying code has been changed to handle the extra space.\n\n* Previously, the Ceph RADOS Gateway (RGW) server treated negative byte-range object requests (\"bytes=0--1\") as invalid. Applications that expect the AWS behavior for negative or other invalid range requests saw unexpected errors and could fail. With this update, a new option \"rgw_ignore_get_invalid_range\" has been added to RGW. When \"rgw_ignore_get_invalid_range\" is set to \"true\", the RGW behavior for invalid range requests is backwards compatible with AWS.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2177",
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1532645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532645"
},
{
"category": "external",
"summary": "1534657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534657"
},
{
"category": "external",
"summary": "1549004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549004"
},
{
"category": "external",
"summary": "1552202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552202"
},
{
"category": "external",
"summary": "1552509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552509"
},
{
"category": "external",
"summary": "1566016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566016"
},
{
"category": "external",
"summary": "1569694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569694"
},
{
"category": "external",
"summary": "1570597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1570597"
},
{
"category": "external",
"summary": "1575024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575024"
},
{
"category": "external",
"summary": "1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "1576861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576861"
},
{
"category": "external",
"summary": "1576908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576908"
},
{
"category": "external",
"summary": "1577846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577846"
},
{
"category": "external",
"summary": "1578509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578509"
},
{
"category": "external",
"summary": "1578572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578572"
},
{
"category": "external",
"summary": "1579039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1579039"
},
{
"category": "external",
"summary": "1581403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581403"
},
{
"category": "external",
"summary": "1581573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581573"
},
{
"category": "external",
"summary": "1585748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585748"
},
{
"category": "external",
"summary": "1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "external",
"summary": "1594974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594974"
},
{
"category": "external",
"summary": "1598185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1598185"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2177.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:05:30+00:00",
"generator": {
"date": "2025-11-21T18:05:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2177",
"initial_release_date": "2018-07-11T18:11:30+00:00",
"revision_history": [
{
"date": "2018-07-11T18:11:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-11T18:11:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:05:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "7Server-RHCEPH-3.0-MON",
"product": {
"name": "7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:3::el7"
}
}
},
{
"category": "product_name",
"name": "7Server-RHCEPH-3.0-OSD",
"product": {
"name": "7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:3::el7"
}
}
},
{
"category": "product_name",
"name": "7Server-RHCEPH-3.0-Tools",
"product": {
"name": "7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "cephmetrics-0:1.0.1-1.el7cp.src",
"product": {
"name": "cephmetrics-0:1.0.1-1.el7cp.src",
"product_id": "cephmetrics-0:1.0.1-1.el7cp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cephmetrics@1.0.1-1.el7cp?arch=src"
}
}
},
{
"category": "product_version",
"name": "nfs-ganesha-0:2.5.5-6.el7cp.src",
"product": {
"name": "nfs-ganesha-0:2.5.5-6.el7cp.src",
"product_id": "nfs-ganesha-0:2.5.5-6.el7cp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nfs-ganesha@2.5.5-6.el7cp?arch=src"
}
}
},
{
"category": "product_version",
"name": "ceph-2:12.2.4-30.el7cp.src",
"product": {
"name": "ceph-2:12.2.4-30.el7cp.src",
"product_id": "ceph-2:12.2.4-30.el7cp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph@12.2.4-30.el7cp?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-ansible-0:3.0.39-1.el7cp.src",
"product": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src",
"product_id": "ceph-ansible-0:3.0.39-1.el7cp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-ansible@3.0.39-1.el7cp?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cephmetrics-0:1.0.1-1.el7cp.x86_64",
"product": {
"name": "cephmetrics-0:1.0.1-1.el7cp.x86_64",
"product_id": "cephmetrics-0:1.0.1-1.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cephmetrics@1.0.1-1.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"product": {
"name": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"product_id": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cephmetrics-grafana-plugins@1.0.1-1.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"product": {
"name": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"product_id": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cephmetrics-ansible@1.0.1-1.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"product": {
"name": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"product_id": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cephmetrics-collectors@1.0.1-1.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"product": {
"name": "nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"product_id": "nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nfs-ganesha@2.5.5-6.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"product": {
"name": "nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"product_id": "nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nfs-ganesha-ceph@2.5.5-6.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"product": {
"name": "nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"product_id": "nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nfs-ganesha-debuginfo@2.5.5-6.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"product": {
"name": "nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"product_id": "nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nfs-ganesha-rgw@2.5.5-6.el7cp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-rbd-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "python-rbd-2:12.2.4-30.el7cp.x86_64",
"product_id": "python-rbd-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rbd@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "python-rados-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "python-rados-2:12.2.4-30.el7cp.x86_64",
"product_id": "python-rados-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rados@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"product_id": "rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rbd-mirror@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"product_id": "libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libradosstriper1@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "python-cephfs-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "python-cephfs-2:12.2.4-30.el7cp.x86_64",
"product_id": "python-cephfs-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-cephfs@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-selinux@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librados2-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "librados2-2:12.2.4-30.el7cp.x86_64",
"product_id": "librados2-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librados2@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libcephfs2-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "libcephfs2-2:12.2.4-30.el7cp.x86_64",
"product_id": "libcephfs2-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcephfs2@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librgw2-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "librgw2-2:12.2.4-30.el7cp.x86_64",
"product_id": "librgw2-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librgw2@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-mds-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-mds-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-mds-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-mds@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-radosgw@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librbd1-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "librbd1-2:12.2.4-30.el7cp.x86_64",
"product_id": "librbd1-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librbd1@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-debuginfo@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "python-rgw-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "python-rgw-2:12.2.4-30.el7cp.x86_64",
"product_id": "python-rgw-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rgw@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"product_id": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcephfs-devel@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-base-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-base-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-base-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-base@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librados-devel-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "librados-devel-2:12.2.4-30.el7cp.x86_64",
"product_id": "librados-devel-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librados-devel@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-fuse@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-common-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-common-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-common-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-common@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librgw-devel-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "librgw-devel-2:12.2.4-30.el7cp.x86_64",
"product_id": "librgw-devel-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librgw-devel@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librbd-devel-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "librbd-devel-2:12.2.4-30.el7cp.x86_64",
"product_id": "librbd-devel-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librbd-devel@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-mgr@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-test-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-test-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-test-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-test@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-mon-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-mon-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-mon-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-mon@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-osd-2:12.2.4-30.el7cp.x86_64",
"product": {
"name": "ceph-osd-2:12.2.4-30.el7cp.x86_64",
"product_id": "ceph-osd-2:12.2.4-30.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-osd@12.2.4-30.el7cp?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"product": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"product_id": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-ansible@3.0.39-1.el7cp?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:12.2.4-30.el7cp.src as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src"
},
"product_reference": "ceph-2:12.2.4-30.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-base-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-common-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mgr-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-test-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-0:1.0.1-1.el7cp.src as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src"
},
"product_reference": "cephmetrics-0:1.0.1-1.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libcephfs2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librados-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librados2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libradosstriper1-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librbd-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librbd1-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librgw-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librgw2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rados-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rbd-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rgw-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rgw-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-MON",
"product_id": "7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:12.2.4-30.el7cp.src as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src"
},
"product_reference": "ceph-2:12.2.4-30.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-base-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-common-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mgr-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-test-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-0:1.0.1-1.el7cp.src as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src"
},
"product_reference": "cephmetrics-0:1.0.1-1.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libcephfs2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librados-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librados2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libradosstriper1-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librbd-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librbd1-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librgw-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librgw2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rados-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rbd-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rgw-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rgw-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-OSD",
"product_id": "7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:12.2.4-30.el7cp.src as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src"
},
"product_reference": "ceph-2:12.2.4-30.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-base-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-common-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mgr-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "ceph-test-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-0:1.0.1-1.el7cp.src as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src"
},
"product_reference": "cephmetrics-0:1.0.1-1.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64"
},
"product_reference": "cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libcephfs2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librados-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librados2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libradosstriper1-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librbd-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librbd1-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw-devel-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librgw-devel-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "librgw2-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nfs-ganesha-0:2.5.5-6.el7cp.src as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src"
},
"product_reference": "nfs-ganesha-0:2.5.5-6.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nfs-ganesha-0:2.5.5-6.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64"
},
"product_reference": "nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64"
},
"product_reference": "nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64"
},
"product_reference": "nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64"
},
"product_reference": "nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rados-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rbd-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rgw-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "python-rgw-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:12.2.4-30.el7cp.x86_64 as a component of 7Server-RHCEPH-3.0-Tools",
"product_id": "7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-3.0-Tools"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1128",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1575866"
}
],
"notes": [
{
"category": "description",
"text": "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx protocol is vulnerable to replay attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships the flawed package, however RHOSP deployments use the ceph package directly from the Ceph channel. A RHOSP ceph update will therefore not be provided at this time, but please ensure that the underlying Red Hat Ceph Storage is updated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1128"
},
{
"category": "external",
"summary": "RHBZ#1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1128",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-11T18:11:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx protocol is vulnerable to replay attack"
},
{
"cve": "CVE-2018-1129",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1576057"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx uses weak signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1129"
},
{
"category": "external",
"summary": "RHBZ#1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1129",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-11T18:11:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx uses weak signatures"
},
{
"cve": "CVE-2018-10861",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2018-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1593308"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: ceph-mon does not perform authorization on OSD pool ops",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10861"
},
{
"category": "external",
"summary": "RHBZ#1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10861",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-11T18:11:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2177"
},
{
"category": "workaround",
"details": "Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools\n\n\n~]$ for p in `rados lspools`\ndo\n ceph osd pool set $p nodelete true\ndone\n\ncaveat: This mitigation does not protect against attacker from corrupting snapshot images",
"product_ids": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHCEPH-3.0-MON:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-MON:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-MON:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-MON:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-OSD:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-OSD:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-OSD:rbd-mirror-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-2:12.2.4-30.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-3.0-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:ceph-base-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-common-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-debuginfo-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-fuse-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mds-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mgr-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-mon-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-osd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-radosgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-selinux-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:ceph-test-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.src",
"7Server-RHCEPH-3.0-Tools:cephmetrics-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-ansible-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-collectors-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:cephmetrics-grafana-plugins-0:1.0.1-1.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libcephfs2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librados2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:libradosstriper1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librbd1-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw-devel-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:librgw2-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.src",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-ceph-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-debuginfo-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:nfs-ganesha-rgw-0:2.5.5-6.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-cephfs-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rados-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rbd-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:python-rgw-2:12.2.4-30.el7cp.x86_64",
"7Server-RHCEPH-3.0-Tools:rbd-mirror-2:12.2.4-30.el7cp.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: ceph-mon does not perform authorization on OSD pool ops"
}
]
}
RHSA-2018:2179
Vulnerability from csaf_redhat - Published: 2018-07-11 18:21 - Updated: 2025-11-21 18:05Summary
Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update
Severity
Moderate
Notes
Topic: An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
Security Fix(es):
* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)
* ceph: cephx uses weak signatures (CVE-2018-1129)
* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Previously, Ceph RADOS Gateway (RGW) instances in zones configured for multi-site replication would crash if configured to disable sync ("rgw_run_sync_thread = false"). Therefor, multi-site replication environments could not start dedicated non-replication RGW instances. With this update, the "rgw_run_sync_thread" option can be used to configure RGW instances that will not participate in replication even if their zone is replicated. (BZ#1552202)
* Previously, when increasing "max_mds" from "1" to "2", if the Metadata Server (MDS) daemon was in the starting/resolve state for a long period of time, then restarting the MDS daemon lead to assert. This caused the Ceph File System (CephFS) to be in degraded state. With this update, increasing "max_mds" no longer causes CephFS to be in degraded state. (BZ#1566016)
* Previously, the transition to containerized Ceph left some "ceph-disk" unit files. The files were harmless, but appeared as failing. With this update, executing the "switch-from-non-containerized-to-containerized-ceph-daemons.yml" playbook disables the "ceph-disk" unit files too. (BZ#1577846)
* Previously, the "entries_behind_master" metric output from the "rbd mirror image status" CLI tool did not always reduce to zero under synthetic workloads. This could cause a false alarm that there is an issue with RBD mirroring replications. With this update, the metric is now updated periodically without the need for an explicit I/O flush in the workload. (BZ#1578509)
* Previously, when using the "pool create" command with "expected_num_objects", placement group (PG) directories were not pre-created at pool creation time as expected, resulting in performance drops when filestore splitting occurred. With this update, the "expected_num_objects" parameter is now passed through to filestore correctly, and PG directories for the expected number of objects are pre-created at pool creation time. (BZ#1579039)
* Previously, internal RADOS Gateway (RGW) multi-site sync logic behaved incorrectly when attempting to sync containers with S3 object versioning enabled. Objects in versioning-enabled containers would fail to sync in some scenarios—for example, when using "s3cmd sync" to mirror a filesystem directory. With this update, RGW multi-site replication logic has been corrected for the known failure cases. (BZ#1580497)
* When restarting OSD daemons, the "ceph-ansible" restart script goes through all the daemons by listing the units with systemctl list-units. Under certain circumstances, the output of the command contains extra spaces, which caused parsing and restart to fail. With this update, the underlying code has been changed to handle the extra space.
* Previously, the Ceph RADOS Gateway (RGW) server treated negative byte-range object requests ("bytes=0--1") as invalid. Applications that expect the AWS behavior for negative or other invalid range requests saw unexpected errors and could fail. With this update, a new option "rgw_ignore_get_invalid_range" has been added to RGW. When "rgw_ignore_get_invalid_range" is set to "true", the RGW behavior for invalid range requests is backwards compatible with AWS.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Ceph Storage 3 for Ubuntu
Red Hat / Red Hat Ceph Storage
|
cpe:/a:redhat:ceph_storage:3::ubuntu16.04
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Ceph Storage 3 for Ubuntu
Red Hat / Red Hat Ceph Storage
|
cpe:/a:redhat:ceph_storage:3::ubuntu16.04
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images
4.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Ceph Storage 3 for Ubuntu
Red Hat / Red Hat Ceph Storage
|
cpe:/a:redhat:ceph_storage:3::ubuntu16.04
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.\n\nSecurity Fix(es):\n\n* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)\n\n* ceph: cephx uses weak signatures (CVE-2018-1129)\n\n* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, Ceph RADOS Gateway (RGW) instances in zones configured for multi-site replication would crash if configured to disable sync (\"rgw_run_sync_thread = false\"). Therefor, multi-site replication environments could not start dedicated non-replication RGW instances. With this update, the \"rgw_run_sync_thread\" option can be used to configure RGW instances that will not participate in replication even if their zone is replicated. (BZ#1552202)\n\n* Previously, when increasing \"max_mds\" from \"1\" to \"2\", if the Metadata Server (MDS) daemon was in the starting/resolve state for a long period of time, then restarting the MDS daemon lead to assert. This caused the Ceph File System (CephFS) to be in degraded state. With this update, increasing \"max_mds\" no longer causes CephFS to be in degraded state. (BZ#1566016)\n\n* Previously, the transition to containerized Ceph left some \"ceph-disk\" unit files. The files were harmless, but appeared as failing. With this update, executing the \"switch-from-non-containerized-to-containerized-ceph-daemons.yml\" playbook disables the \"ceph-disk\" unit files too. (BZ#1577846)\n\n* Previously, the \"entries_behind_master\" metric output from the \"rbd mirror image status\" CLI tool did not always reduce to zero under synthetic workloads. This could cause a false alarm that there is an issue with RBD mirroring replications. With this update, the metric is now updated periodically without the need for an explicit I/O flush in the workload. (BZ#1578509)\n\n* Previously, when using the \"pool create\" command with \"expected_num_objects\", placement group (PG) directories were not pre-created at pool creation time as expected, resulting in performance drops when filestore splitting occurred. With this update, the \"expected_num_objects\" parameter is now passed through to filestore correctly, and PG directories for the expected number of objects are pre-created at pool creation time. (BZ#1579039)\n\n* Previously, internal RADOS Gateway (RGW) multi-site sync logic behaved incorrectly when attempting to sync containers with S3 object versioning enabled. Objects in versioning-enabled containers would fail to sync in some scenarios\u2014for example, when using \"s3cmd sync\" to mirror a filesystem directory. With this update, RGW multi-site replication logic has been corrected for the known failure cases. (BZ#1580497)\n\n* When restarting OSD daemons, the \"ceph-ansible\" restart script goes through all the daemons by listing the units with systemctl list-units. Under certain circumstances, the output of the command contains extra spaces, which caused parsing and restart to fail. With this update, the underlying code has been changed to handle the extra space.\n\n* Previously, the Ceph RADOS Gateway (RGW) server treated negative byte-range object requests (\"bytes=0--1\") as invalid. Applications that expect the AWS behavior for negative or other invalid range requests saw unexpected errors and could fail. With this update, a new option \"rgw_ignore_get_invalid_range\" has been added to RGW. When \"rgw_ignore_get_invalid_range\" is set to \"true\", the RGW behavior for invalid range requests is backwards compatible with AWS.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2179",
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2179.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:05:30+00:00",
"generator": {
"date": "2025-11-21T18:05:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2179",
"initial_release_date": "2018-07-11T18:21:00+00:00",
"revision_history": [
{
"date": "2018-07-11T18:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-11T18:21:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:05:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 3 for Ubuntu",
"product": {
"name": "Red Hat Ceph Storage 3 for Ubuntu",
"product_id": "Red Hat Ceph Storage 3 for Ubuntu",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:3::ubuntu16.04"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1128",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1575866"
}
],
"notes": [
{
"category": "description",
"text": "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx protocol is vulnerable to replay attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships the flawed package, however RHOSP deployments use the ceph package directly from the Ceph channel. A RHOSP ceph update will therefore not be provided at this time, but please ensure that the underlying Red Hat Ceph Storage is updated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1128"
},
{
"category": "external",
"summary": "RHBZ#1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1128",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-11T18:21:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Ceph Storage 3 for Ubuntu"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx protocol is vulnerable to replay attack"
},
{
"cve": "CVE-2018-1129",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1576057"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx uses weak signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1129"
},
{
"category": "external",
"summary": "RHBZ#1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1129",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-11T18:21:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Ceph Storage 3 for Ubuntu"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx uses weak signatures"
},
{
"cve": "CVE-2018-10861",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2018-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1593308"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: ceph-mon does not perform authorization on OSD pool ops",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10861"
},
{
"category": "external",
"summary": "RHBZ#1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10861",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-11T18:21:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Ceph Storage 3 for Ubuntu"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2179"
},
{
"category": "workaround",
"details": "Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools\n\n\n~]$ for p in `rados lspools`\ndo\n ceph osd pool set $p nodelete true\ndone\n\ncaveat: This mitigation does not protect against attacker from corrupting snapshot images",
"product_ids": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Ceph Storage 3 for Ubuntu"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: ceph-mon does not perform authorization on OSD pool ops"
}
]
}
RHSA-2018:2261
Vulnerability from csaf_redhat - Published: 2018-07-26 19:00 - Updated: 2025-11-21 18:05Summary
Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update
Severity
Moderate
Notes
Topic: An update for ceph is now available for Red Hat Ceph Storage 2.5 for Red
Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.
Security Fix(es):
* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)
* ceph: cephx uses weak signatures (CVE-2018-1129)
* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)
For more details about the security issue(s), including the impact, a CVSS
score and other related information refer to the CVE page(s) listed in the Reference section.
Enhancement(s):
* Ceph OSDs now logs when they shutdown due to disk operations timing out by default. (BZ#1568897)
* The `radosgw-admin orphans find` command can inadvertently remove data objects still in use, if followed by another operation, such as, a `rados rm` command. Users are now warned before attempting to produce lists of potentially orphaned objects. (BZ#1573656)
* The 'ceph-osdomap-tool' now has a 'compact' command to perform offline compaction on an OSD's 'omap' directory. (BZ#1574231)
* For S3 and Swift protocols, an option to list buckets/containers in natural (partial) order has been added. Listing containers in sorted order is canonical in both protocols, but is costly, and not required by some client applications. The performance and workload cost of S3 and Swift bucket/container listings is reduced for sharded buckets/containers when the `allow_unordered` extension is used. (BZ#1595374)
* An asynchronous mechanism for executing the Ceph Object Gateway garbage collection using the `librados` APIs has been introduced. The original garbage collection mechanism serialized all processing, and lagged behind applications in specific workloads. Garbage collection performance has been significantly improved, and can be tuned to specific site requirements. (BZ#1595383)
Bug Fix(es):
These updated ceph packages include numerous bug fixes. Space precludes
documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage 2.5 Release Notes for information on the most significant bug fixes for this release:
https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.
5.9 (Medium)
Affected products
Fixed
146 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.
5.9 (Medium)
Affected products
Fixed
146 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images
4.6 (Medium)
Affected products
Fixed
146 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ceph is now available for Red Hat Ceph Storage 2.5 for Red\nHat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform\nthat combines the most stable version of the Ceph storage system with a\nCeph management platform, deployment utilities, and support services.\n\nSecurity Fix(es):\n\n* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)\n\n* ceph: cephx uses weak signatures (CVE-2018-1129)\n\n* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore and other related information refer to the CVE page(s) listed in the Reference section.\n\nEnhancement(s):\n\n* Ceph OSDs now logs when they shutdown due to disk operations timing out by default. (BZ#1568897)\n\n* The `radosgw-admin orphans find` command can inadvertently remove data objects still in use, if followed by another operation, such as, a `rados rm` command. Users are now warned before attempting to produce lists of potentially orphaned objects. (BZ#1573656)\n\n* The \u0027ceph-osdomap-tool\u0027 now has a \u0027compact\u0027 command to perform offline compaction on an OSD\u0027s \u0027omap\u0027 directory. (BZ#1574231)\n\n* For S3 and Swift protocols, an option to list buckets/containers in natural (partial) order has been added. Listing containers in sorted order is canonical in both protocols, but is costly, and not required by some client applications. The performance and workload cost of S3 and Swift bucket/container listings is reduced for sharded buckets/containers when the `allow_unordered` extension is used. (BZ#1595374)\n\n* An asynchronous mechanism for executing the Ceph Object Gateway garbage collection using the `librados` APIs has been introduced. The original garbage collection mechanism serialized all processing, and lagged behind applications in specific workloads. Garbage collection performance has been significantly improved, and can be tuned to specific site requirements. (BZ#1595383)\n\nBug Fix(es):\n\nThese updated ceph packages include numerous bug fixes. Space precludes\ndocumenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage 2.5 Release Notes for information on the most significant bug fixes for this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2261",
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes"
},
{
"category": "external",
"summary": "1448084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448084"
},
{
"category": "external",
"summary": "1515341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515341"
},
{
"category": "external",
"summary": "1522881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1522881"
},
{
"category": "external",
"summary": "1548071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548071"
},
{
"category": "external",
"summary": "1554963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1554963"
},
{
"category": "external",
"summary": "1563825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563825"
},
{
"category": "external",
"summary": "1568897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568897"
},
{
"category": "external",
"summary": "1574231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574231"
},
{
"category": "external",
"summary": "1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "1581579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581579"
},
{
"category": "external",
"summary": "1584218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584218"
},
{
"category": "external",
"summary": "1584763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584763"
},
{
"category": "external",
"summary": "1584829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584829"
},
{
"category": "external",
"summary": "1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "external",
"summary": "1595374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595374"
},
{
"category": "external",
"summary": "1595383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595383"
},
{
"category": "external",
"summary": "1595386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595386"
},
{
"category": "external",
"summary": "1599507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599507"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2261.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:05:37+00:00",
"generator": {
"date": "2025-11-21T18:05:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2261",
"initial_release_date": "2018-07-26T19:00:38+00:00",
"revision_history": [
{
"date": "2018-07-26T19:00:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-26T19:00:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:05:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "7Client-RHCEPH-2.5-Client-Tools",
"product": {
"name": "7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::el7"
}
}
},
{
"category": "product_name",
"name": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product": {
"name": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::el7"
}
}
},
{
"category": "product_name",
"name": "7Server-RHCEPH-2.5-Server-Tools",
"product": {
"name": "7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::el7"
}
}
},
{
"category": "product_name",
"name": "7Workstation-RHCEPH-2.5-Workstation-Tools",
"product": {
"name": "7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::el7"
}
}
},
{
"category": "product_name",
"name": "7Server-RHCEPH-2.5-MON",
"product": {
"name": "7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::el7"
}
}
},
{
"category": "product_name",
"name": "7Server-RHCEPH-2.5-OSD",
"product": {
"name": "7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"product": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"product_id": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-ansible@3.0.39-1.el7cp?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-ansible-0:3.0.39-1.el7cp.src",
"product": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src",
"product_id": "ceph-ansible-0:3.0.39-1.el7cp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-ansible@3.0.39-1.el7cp?arch=src"
}
}
},
{
"category": "product_version",
"name": "ceph-2:10.2.10-28.el7cp.src",
"product": {
"name": "ceph-2:10.2.10-28.el7cp.src",
"product_id": "ceph-2:10.2.10-28.el7cp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph@10.2.10-28.el7cp?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "librgw2-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64",
"product_id": "librgw2-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librgw2@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-mds@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-base@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"product_id": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcephfs1-devel@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"product_id": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-cephfs@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-radosgw@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librbd1-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64",
"product_id": "librbd1-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librbd1@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-debuginfo@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-selinux@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "python-rados-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64",
"product_id": "python-rados-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rados@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-fuse@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-common@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"product_id": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librgw2-devel@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"product_id": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librbd1-devel@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"product_id": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rbd@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librados2-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64",
"product_id": "librados2-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librados2@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"product_id": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/librados2-devel@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"product_id": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rbd-mirror@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"product_id": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcephfs1@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-test@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-mon@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"product": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"product_id": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ceph-osd@10.2.10-28.el7cp?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:10.2.10-28.el7cp.src as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src"
},
"product_reference": "ceph-2:10.2.10-28.el7cp.src",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.src",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rados-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64 as a component of 7Client-RHCEPH-2.5-Client-Tools",
"product_id": "7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Client-RHCEPH-2.5-Client-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:10.2.10-28.el7cp.src as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src"
},
"product_reference": "ceph-2:10.2.10-28.el7cp.src",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.src",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rados-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64 as a component of 7ComputeNode-RHCEPH-2.5-ComputeNode-Tools",
"product_id": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7ComputeNode-RHCEPH-2.5-ComputeNode-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:10.2.10-28.el7cp.src as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src"
},
"product_reference": "ceph-2:10.2.10-28.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rados-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-MON",
"product_id": "7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-MON"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:10.2.10-28.el7cp.src as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src"
},
"product_reference": "ceph-2:10.2.10-28.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rados-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-OSD",
"product_id": "7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-OSD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:10.2.10-28.el7cp.src as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src"
},
"product_reference": "ceph-2:10.2.10-28.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.src",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rados-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64 as a component of 7Server-RHCEPH-2.5-Server-Tools",
"product_id": "7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Server-RHCEPH-2.5-Server-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-2:10.2.10-28.el7cp.src as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src"
},
"product_reference": "ceph-2:10.2.10-28.el7cp.src",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.noarch as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.noarch",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-ansible-0:3.0.39-1.el7cp.src as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src"
},
"product_reference": "ceph-ansible-0:3.0.39-1.el7cp.src",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-base-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-base-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-common-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-common-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-fuse-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mds-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mds-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-mon-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-mon-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-osd-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-osd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-selinux-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-test-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "ceph-test-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librados2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librados2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librbd1-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "librgw2-devel-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cephfs-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-cephfs-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rados-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rados-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rbd-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "python-rbd-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rbd-mirror-2:10.2.10-28.el7cp.x86_64 as a component of 7Workstation-RHCEPH-2.5-Workstation-Tools",
"product_id": "7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
},
"product_reference": "rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"relates_to_product_reference": "7Workstation-RHCEPH-2.5-Workstation-Tools"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1128",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1575866"
}
],
"notes": [
{
"category": "description",
"text": "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx protocol is vulnerable to replay attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships the flawed package, however RHOSP deployments use the ceph package directly from the Ceph channel. A RHOSP ceph update will therefore not be provided at this time, but please ensure that the underlying Red Hat Ceph Storage is updated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1128"
},
{
"category": "external",
"summary": "RHBZ#1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1128",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-26T19:00:38+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx protocol is vulnerable to replay attack"
},
{
"cve": "CVE-2018-1129",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1576057"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx uses weak signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1129"
},
{
"category": "external",
"summary": "RHBZ#1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1129",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-26T19:00:38+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx uses weak signatures"
},
{
"cve": "CVE-2018-10861",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2018-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1593308"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: ceph-mon does not perform authorization on OSD pool ops",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10861"
},
{
"category": "external",
"summary": "RHBZ#1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10861",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-26T19:00:38+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2261"
},
{
"category": "workaround",
"details": "Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools\n\n\n~]$ for p in `rados lspools`\ndo\n ceph osd pool set $p nodelete true\ndone\n\ncaveat: This mitigation does not protect against attacker from corrupting snapshot images",
"product_ids": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-RHCEPH-2.5-Client-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Client-RHCEPH-2.5-Client-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Client-RHCEPH-2.5-Client-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Client-RHCEPH-2.5-Client-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-2:10.2.10-28.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7ComputeNode-RHCEPH-2.5-ComputeNode-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-MON:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-MON:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-OSD:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-OSD:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Server-RHCEPH-2.5-Server-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Server-RHCEPH-2.5-Server-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Server-RHCEPH-2.5-Server-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-2:10.2.10-28.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.noarch",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-ansible-0:3.0.39-1.el7cp.src",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-base-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-common-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-debuginfo-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-fuse-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mds-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-mon-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-osd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-radosgw-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-selinux-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:ceph-test-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:libcephfs1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librados2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librbd1-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:librgw2-devel-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-cephfs-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rados-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:python-rbd-2:10.2.10-28.el7cp.x86_64",
"7Workstation-RHCEPH-2.5-Workstation-Tools:rbd-mirror-2:10.2.10-28.el7cp.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: ceph-mon does not perform authorization on OSD pool ops"
}
]
}
RHSA-2018:2274
Vulnerability from csaf_redhat - Published: 2018-07-26 15:35 - Updated: 2025-11-21 18:05Summary
Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update
Severity
Moderate
Notes
Topic: An update for ceph is now available for Red Hat Ceph Storage 2.5 for Ubuntu 16.04.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.
Security Fix(es):
* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)
* ceph: cephx uses weak signatures (CVE-2018-1129)
* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)
For more details about the security issue(s), including the impact, a CVSS
score and other related information refer to the CVE page(s) listed in the
Reference section.
Enhancement(s):
* Ceph OSDs now log when they shutdown due to disk operations timing out by
default. (BZ#1568897)
* The `radosgw-admin orphans find` command can inadvertently remove data objects still in use, if followed by another operation, such as, a `rados rm` command. Users are now warned before attempting to produce lists of potentially orphaned objects. (BZ#1573656)
* The 'ceph-osdomap-tool' now has a 'compact' command to perform offline
compaction on an OSD's 'omap' directory. (BZ#1574231)
* For S3 and Swift protocols, an option to list buckets/containers in natural (partial) order has been added. Listing containers in sorted order is canonical in both protocols, but is costly, and not required by some client applications. The performance and workload cost of S3 and Swift bucket/container listings is reduced for sharded buckets/containers when the `allow_unordered` extension is used. (BZ#1595374)
* An asynchronous mechanism for executing the Ceph Object Gateway garbage collection using the `librados` APIs has been introduced. The original garbage collection mechanism serialized all processing, and lagged behind applications in specific workloads. Garbage collection performance has been significantly improved, and can be tuned to specific site requirements. (BZ#1595383)
Bug Fix(es):
These updated Ceph packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage 2.5 Release Notes for information on the most significant bug fixes for this release:
https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Ceph Storage 2 for Ubuntu
Red Hat / Red Hat Ceph Storage
|
cpe:/a:redhat:ceph_storage:2::ubuntu16.04
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Ceph Storage 2 for Ubuntu
Red Hat / Red Hat Ceph Storage
|
cpe:/a:redhat:ceph_storage:2::ubuntu16.04
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images
4.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Ceph Storage 2 for Ubuntu
Red Hat / Red Hat Ceph Storage
|
cpe:/a:redhat:ceph_storage:2::ubuntu16.04
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ceph is now available for Red Hat Ceph Storage 2.5 for Ubuntu 16.04.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform\nthat combines the most stable version of the Ceph storage system with a\nCeph management platform, deployment utilities, and support services.\n\nSecurity Fix(es):\n\n* ceph: cephx protocol is vulnerable to replay attack (CVE-2018-1128)\n\n* ceph: cephx uses weak signatures (CVE-2018-1129)\n\n* ceph: ceph-mon does not perform authorization on OSD pool ops (CVE-2018-10861)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore and other related information refer to the CVE page(s) listed in the\nReference section.\n\nEnhancement(s):\n\n* Ceph OSDs now log when they shutdown due to disk operations timing out by\ndefault. (BZ#1568897)\n\n* The `radosgw-admin orphans find` command can inadvertently remove data objects still in use, if followed by another operation, such as, a `rados rm` command. Users are now warned before attempting to produce lists of potentially orphaned objects. (BZ#1573656)\n\n* The \u0027ceph-osdomap-tool\u0027 now has a \u0027compact\u0027 command to perform offline\ncompaction on an OSD\u0027s \u0027omap\u0027 directory. (BZ#1574231)\n\n* For S3 and Swift protocols, an option to list buckets/containers in natural (partial) order has been added. Listing containers in sorted order is canonical in both protocols, but is costly, and not required by some client applications. The performance and workload cost of S3 and Swift bucket/container listings is reduced for sharded buckets/containers when the `allow_unordered` extension is used. (BZ#1595374)\n\n* An asynchronous mechanism for executing the Ceph Object Gateway garbage collection using the `librados` APIs has been introduced. The original garbage collection mechanism serialized all processing, and lagged behind applications in specific workloads. Garbage collection performance has been significantly improved, and can be tuned to specific site requirements. (BZ#1595383)\n\nBug Fix(es):\n\nThese updated Ceph packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage 2.5 Release Notes for information on the most significant bug fixes for this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2274",
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"category": "external",
"summary": "https://rhcs.download.redhat.com/ubuntu",
"url": "https://rhcs.download.redhat.com/ubuntu"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2.5/html/release_notes/bug_fixes"
},
{
"category": "external",
"summary": "1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2274.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:05:37+00:00",
"generator": {
"date": "2025-11-21T18:05:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2274",
"initial_release_date": "2018-07-26T15:35:56+00:00",
"revision_history": [
{
"date": "2018-07-26T15:35:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-26T15:35:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:05:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 2 for Ubuntu",
"product": {
"name": "Red Hat Ceph Storage 2 for Ubuntu",
"product_id": "Red Hat Ceph Storage 2 for Ubuntu",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:2::ubuntu16.04"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1128",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1575866"
}
],
"notes": [
{
"category": "description",
"text": "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to the ceph cluster network who is also able to sniff packets on the network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx protocol is vulnerable to replay attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships the flawed package, however RHOSP deployments use the ceph package directly from the Ceph channel. A RHOSP ceph update will therefore not be provided at this time, but please ensure that the underlying Red Hat Ceph Storage is updated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1128"
},
{
"category": "external",
"summary": "RHBZ#1575866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1128",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1128"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-26T15:35:56+00:00",
"details": "The References section of this erratum contains a download link. You must\nlog in to download the update.\n\nRefer to the Red Hat Ceph Storage 2 Installation Guide for more information:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html-single/installation_guide_for_ubuntu/#enabling_the_red_hat_ceph_storage_repositories",
"product_ids": [
"Red Hat Ceph Storage 2 for Ubuntu"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx protocol is vulnerable to replay attack"
},
{
"cve": "CVE-2018-1129",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1576057"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network, who is able to alter the message payload, was able to bypass signature checks done by cephx protocol.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: cephx uses weak signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1129"
},
{
"category": "external",
"summary": "RHBZ#1576057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1129",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1129"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-26T15:35:56+00:00",
"details": "The References section of this erratum contains a download link. You must\nlog in to download the update.\n\nRefer to the Red Hat Ceph Storage 2 Installation Guide for more information:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html-single/installation_guide_for_ubuntu/#enabling_the_red_hat_ceph_storage_repositories",
"product_ids": [
"Red Hat Ceph Storage 2 for Ubuntu"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: cephx uses weak signatures"
},
{
"cve": "CVE-2018-10861",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2018-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1593308"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ceph: ceph-mon does not perform authorization on OSD pool ops",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10861"
},
{
"category": "external",
"summary": "RHBZ#1593308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10861",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10861"
}
],
"release_date": "2018-07-09T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-26T15:35:56+00:00",
"details": "The References section of this erratum contains a download link. You must\nlog in to download the update.\n\nRefer to the Red Hat Ceph Storage 2 Installation Guide for more information:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html-single/installation_guide_for_ubuntu/#enabling_the_red_hat_ceph_storage_repositories",
"product_ids": [
"Red Hat Ceph Storage 2 for Ubuntu"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2274"
},
{
"category": "workaround",
"details": "Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools\n\n\n~]$ for p in `rados lspools`\ndo\n ceph osd pool set $p nodelete true\ndone\n\ncaveat: This mitigation does not protect against attacker from corrupting snapshot images",
"product_ids": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Ceph Storage 2 for Ubuntu"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ceph: ceph-mon does not perform authorization on OSD pool ops"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…