Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:5997
HistoryAug 09, 2022 - 2:26 p.m.

(RHSA-2022:5997) Moderate: Red Hat Ceph Storage Security, Bug Fix, and Enhancement Update

2022-08-0914:26:10
access.redhat.com
43

0.001 Low

EPSS

Percentile

49.8%

JSON

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage.

Perf Tools is a collection of performance analysis tools, including a high-performance multi-threaded malloc() implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler.

The libunwind packages contain a C API to determine the call chain of a program. This API is necessary for compatibility with Google Performance Tools (gperftools).

nfs-ganesha : NFS-GANESHA is a NFS Server running in user space. It comes with various back-end modules (called FSALs) provided as shared objects to support different file systems and name-spaces.

The following packages have been upgraded to a later upstream version: ceph (16.2.8), ceph-ansible (6.0.27.9), cephadm-ansible (1.8.0), gperftools (2.9.1), leveldb (1.23), libunwind (1.5.0), nfs-ganesha (3.5), oath-toolkit (2.6.7). (BZ#1623330, BZ#1942171, BZ#1977888, BZ#1997480, BZ#1997996, BZ#2006214, BZ#2006771, BZ#2013215, BZ#2018906, BZ#2024720, BZ#2028628, BZ#2029307, BZ#2030540, BZ#2039669, BZ#2041563, BZ#2041571, BZ#2042417, BZ#2042602, BZ#2043602, BZ#2047487, BZ#2048681, BZ#2049272, BZ#2053468, BZ#2053591, BZ#2055173, BZ#2057307, BZ#2060278, BZ#2064627, BZ#2077843, BZ#2080242)

Security Fix(es):

  • ceph: user/tenant can obtain access (read/write) to any share (CVE-2022-0670)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64ceph-immutable-object-cache-debuginfo< 16.2.8-84.el8cpceph-immutable-object-cache-debuginfo-16.2.8-84.el8cp.x86_64.rpm
RedHat9s390xlibcephfs-devel< 16.2.8-84.el9cplibcephfs-devel-16.2.8-84.el9cp.s390x.rpm
RedHat8s390xceph-fuse< 16.2.8-84.el8cpceph-fuse-16.2.8-84.el8cp.s390x.rpm
RedHat9ppc64legperftools-debugsource< 2.9.1-2.el9cpgperftools-debugsource-2.9.1-2.el9cp.ppc64le.rpm
RedHat9x86_64libunwind-debugsource< 1.5.0-1.el9cplibunwind-debugsource-1.5.0-1.el9cp.x86_64.rpm
RedHat8x86_64ceph-radosgw-debuginfo< 16.2.8-84.el8cpceph-radosgw-debuginfo-16.2.8-84.el8cp.x86_64.rpm
RedHat9x86_64rbd-mirror-debuginfo< 16.2.8-84.el9cprbd-mirror-debuginfo-16.2.8-84.el9cp.x86_64.rpm
RedHat8x86_64rbd-nbd< 16.2.8-84.el8cprbd-nbd-16.2.8-84.el8cp.x86_64.rpm
RedHat8x86_64nfs-ganesha-debuginfo< 3.5-3.el8cpnfs-ganesha-debuginfo-3.5-3.el8cp.x86_64.rpm
RedHat8ppc64leceph-base< 16.2.8-84.el8cpceph-base-16.2.8-84.el8cp.ppc64le.rpm
Rows per page:
1-10 of 4541

Related

openvas 4
cve 1
osv 2
cbl_mariner 3
ubuntucve 1
veracode 1
fedora 2
cvelist 1
redhatcve 1
nessus 5
nvd 1
alpinelinux 1
prion 1
debiancve 1
mageia 1
ubuntu 1
redhat 3
hp 1
openvas
openvas
Fedora: Security Advisory for ceph (FEDORA-2022-6d129f14f2)
2022-08-04 00:00:00
Fedora: Security Advisory for ceph (FEDORA-2022-67e0522b94)
2022-07-28 00:00:00
Mageia: Security Advisory (MGASA-2023-0139)
2023-04-17 00:00:00
cve
cve
CVE-2022-0670
2022-07-25 14:15:10
osv
osv
CVE-2022-0670
2022-07-25 14:15:10
ceph vulnerabilities
2023-05-09 21:51:19
cbl_mariner
cbl_mariner
CVE-2022-0670 affecting package ceph for versions less than 18.2.1-1
2024-04-17 22:02:46
CVE-2022-0670 affecting package ceph for versions less than 16.2.10-1
2023-08-30 15:15:49
CVE-2022-0670 affecting package ceph 16.2.0-4
2022-09-17 05:57:02
ubuntucve
ubuntucve
CVE-2022-0670
2022-07-25 00:00:00
veracode
veracode
Privilege Escalation
2022-08-07 16:58:51
fedora
fedora
[SECURITY] Fedora 35 Update: ceph-16.2.10-1.fc35
2022-08-03 01:49:45
[SECURITY] Fedora 36 Update: ceph-16.2.10-1.fc36
2022-07-27 02:25:00
cvelist
cvelist
CVE-2022-0670
2022-07-25 13:58:09
redhatcve
redhatcve
CVE-2022-0670
2022-07-22 18:36:37
nessus
nessus
RHEL 8 / 9 : Red Hat Ceph Storage Security, Bug Fix, and Enhancement Update (Moderate) (RHSA-2022:5997)
2022-08-10 00:00:00
SUSE SLES15 Security Update : ceph (SUSE-SU-2023:1580-1)
2023-03-28 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ceph (SUSE-SU-2023:1581-1)
2023-03-28 00:00:00
nvd
nvd
CVE-2022-0670
2022-07-25 14:15:10
alpinelinux
alpinelinux
CVE-2022-0670
2022-07-25 14:15:10
prion
prion
Design/Logic Flaw
2022-07-25 14:15:00
debiancve
debiancve
CVE-2022-0670
2022-07-25 14:15:10
mageia
mageia
Updated ceph packages fix security vulnerability
2023-04-15 22:03:44
ubuntu
ubuntu
Ceph vulnerabilities
2023-05-09 00:00:00
redhat
redhat
(RHSA-2022:6024) Moderate: New container image for Red Hat Ceph Storage 5.2 Security update
2022-08-09 20:21:56
(RHSA-2022:6156) Important: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update
2022-08-24 13:44:13
(RHSA-2023:3742) Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
2023-06-21 15:20:50
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00

0.001 Low

EPSS

Percentile

49.8%

JSON
Related for RHSA-2022:5997
openvas4cve1osv2cbl_mariner3ubuntucve1veracode1fedora2cvelist1redhatcve1nessus5nvd1alpinelinux1prion1debiancve1mageia1ubuntu1redhat3hp1