Lucene search

DebianDEBIAN:DSA-4339-1:24369

HistoryNov 13, 2018 - 9:48 p.m.

[SECURITY] [DSA 4339-1] ceph security update

2018-11-1321:48:36

lists.debian.org

409

5.4 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

Debian Security Advisory DSA-4339-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
November 13, 2018 https://www.debian.org/security/faq

Package : ceph
CVE ID : CVE-2017-7519 CVE-2018-1086 CVE-2018-1128 CVE-2018-1129

Multiple vulnerabilities were discovered in Ceph, a distributed storage
and file system: The cephx authentication protocol was suspectible to
replay attacks and calculated signatures incorrectly, "ceph mon" did not
validate capabilities for pool operations (resulting in potential
corruption or deletion of snapshot images) and a format string
vulnerability in libradosstriper could result in denial of service.

For the stable distribution (stretch), these problems have been fixed in
version 10.2.11-1.

We recommend that you upgrade your ceph packages.

For the detailed security status of ceph please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ceph

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9amd64ceph-osd-dbgsym< 10.2.11-1ceph-osd-dbgsym_10.2.11-1_amd64.deb
Debian9armhfceph-test-dbgsym< 10.2.11-1ceph-test-dbgsym_10.2.11-1_armhf.deb
Debian9amd64librbd-dev< 10.2.11-1librbd-dev_10.2.11-1_amd64.deb
Debian9ppc64elceph< 10.2.11-1ceph_10.2.11-1_ppc64el.deb
Debian9s390xlibrbd1-dbgsym< 10.2.11-1librbd1-dbgsym_10.2.11-1_s390x.deb
Debian9i386usb-storage-modules-4.9.0-8-686-di< 4.9.144-1usb-storage-modules-4.9.0-8-686-di_4.9.144-1_i386.deb
Debian9s390xlinux-perf-4.9< 4.9.144-1linux-perf-4.9_4.9.144-1_s390x.deb
Debian9ppc64elfirewire-core-modules-4.9.0-8-powerpc64le-di< 4.9.144-1firewire-core-modules-4.9.0-8-powerpc64le-di_4.9.144-1_ppc64el.deb
Debian9i386udf-modules-4.9.0-8-686-di< 4.9.144-1udf-modules-4.9.0-8-686-di_4.9.144-1_i386.deb
Debian9armhflinux-perf-4.9< 4.9.144-1linux-perf-4.9_4.9.144-1_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	amd64	ceph-osd-dbgsym	< 10.2.11-1	ceph-osd-dbgsym_10.2.11-1_amd64.deb
Debian	9	armhf	ceph-test-dbgsym	< 10.2.11-1	ceph-test-dbgsym_10.2.11-1_armhf.deb
Debian	9	amd64	librbd-dev	< 10.2.11-1	librbd-dev_10.2.11-1_amd64.deb
Debian	9	ppc64el	ceph	< 10.2.11-1	ceph_10.2.11-1_ppc64el.deb
Debian	9	s390x	librbd1-dbgsym	< 10.2.11-1	librbd1-dbgsym_10.2.11-1_s390x.deb
Debian	9	i386	usb-storage-modules-4.9.0-8-686-di	< 4.9.144-1	usb-storage-modules-4.9.0-8-686-di_4.9.144-1_i386.deb
Debian	9	s390x	linux-perf-4.9	< 4.9.144-1	linux-perf-4.9_4.9.144-1_s390x.deb
Debian	9	ppc64el	firewire-core-modules-4.9.0-8-powerpc64le-di	< 4.9.144-1	firewire-core-modules-4.9.0-8-powerpc64le-di_4.9.144-1_ppc64el.deb
Debian	9	i386	udf-modules-4.9.0-8-686-di	< 4.9.144-1	udf-modules-4.9.0-8-686-di_4.9.144-1_i386.deb
Debian	9	armhf	linux-perf-4.9	< 4.9.144-1	linux-perf-4.9_4.9.144-1_armhf.deb