Security update for ceph SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:2299-1 Final 1 1 2018-08-10T09:36:47Z current 2018-08-10T09:36:47Z 2018-08-10T09:36:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ceph This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-10861: Fix ceph-mon authorization on OSD pool ops (bsc#1099162). - CVE-2018-1128: Fix cephx signature check bypass (bsc#1096748). - CVE-2018-1129: Fix cephx protocol vulnerability to replay attack (bsc#1096748). - CVE-2018-7262: Fix malformed http headers that can crash rgw (bsc#1081379). Bug fixes: - bsc#1072512: multipart uploads are broken if the bucket has been resharded - bsc#1080112: rgw: user stats increased after bucket reshard - bsc#1086340: SES5: XFS metadata corruption on rbd-nbd mapped image with journaling feature enabled The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-Storage-4-2018-1537 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20182299-1/ Link for SUSE-SU-2018:2299-1 https://lists.suse.com/pipermail/sle-security-updates/2018-August/004401.html E-Mail link for SUSE-SU-2018:2299-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1072512 SUSE Bug 1072512 https://bugzilla.suse.com/1080112 SUSE Bug 1080112 https://bugzilla.suse.com/1081379 SUSE Bug 1081379 https://bugzilla.suse.com/1086340 SUSE Bug 1086340 https://bugzilla.suse.com/1096748 SUSE Bug 1096748 https://bugzilla.suse.com/1099162 SUSE Bug 1099162 https://www.suse.com/security/cve/CVE-2018-10861/ SUSE CVE CVE-2018-10861 page https://www.suse.com/security/cve/CVE-2018-1128/ SUSE CVE CVE-2018-1128 page https://www.suse.com/security/cve/CVE-2018-1129/ SUSE CVE CVE-2018-1129 page https://www.suse.com/security/cve/CVE-2018-7262/ SUSE CVE CVE-2018-7262 page SUSE Enterprise Storage 4 ceph-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-base-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-common-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-mds-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-mon-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-osd-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-radosgw-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-test-10.2.11+git.1531487710.3a12911a2e-12.14.2 libcephfs1-10.2.11+git.1531487710.3a12911a2e-12.14.2 librados2-10.2.11+git.1531487710.3a12911a2e-12.14.2 libradosstriper1-10.2.11+git.1531487710.3a12911a2e-12.14.2 librbd1-10.2.11+git.1531487710.3a12911a2e-12.14.2 librgw2-10.2.11+git.1531487710.3a12911a2e-12.14.2 python-ceph-compat-10.2.11+git.1531487710.3a12911a2e-12.14.2 python-cephfs-10.2.11+git.1531487710.3a12911a2e-12.14.2 python-rados-10.2.11+git.1531487710.3a12911a2e-12.14.2 python-rbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 rbd-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 rbd-mirror-10.2.11+git.1531487710.3a12911a2e-12.14.2 rbd-nbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 ceph-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-base-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-common-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-mds-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-mon-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-osd-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-radosgw-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 ceph-test-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 libcephfs1-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 librados2-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 libradosstriper1-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 librbd1-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 librgw2-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 python-ceph-compat-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 python-cephfs-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 python-rados-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 python-rbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 rbd-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 rbd-mirror-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 rbd-nbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 as a component of SUSE Enterprise Storage 4 A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected. CVE-2018-10861 SUSE Enterprise Storage 4:ceph-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-base-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-common-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mds-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mon-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-osd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-radosgw-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-test-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libcephfs1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librados2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libradosstriper1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librbd1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librgw2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-ceph-compat-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-cephfs-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rados-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-mirror-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-nbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 important 5.5 AV:N/AC:L/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182299-1/ https://www.suse.com/security/cve/CVE-2018-10861.html CVE-2018-10861 https://bugzilla.suse.com/1099162 SUSE Bug 1099162 https://bugzilla.suse.com/1114710 SUSE Bug 1114710 It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. CVE-2018-1128 SUSE Enterprise Storage 4:ceph-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-base-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-common-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mds-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mon-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-osd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-radosgw-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-test-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libcephfs1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librados2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libradosstriper1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librbd1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librgw2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-ceph-compat-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-cephfs-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rados-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-mirror-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-nbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 important 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182299-1/ https://www.suse.com/security/cve/CVE-2018-1128.html CVE-2018-1128 https://bugzilla.suse.com/1096748 SUSE Bug 1096748 https://bugzilla.suse.com/1114710 SUSE Bug 1114710 https://bugzilla.suse.com/1177843 SUSE Bug 1177843 https://bugzilla.suse.com/1177859 SUSE Bug 1177859 A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. CVE-2018-1129 SUSE Enterprise Storage 4:ceph-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-base-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-common-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mds-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mon-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-osd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-radosgw-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-test-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libcephfs1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librados2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libradosstriper1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librbd1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librgw2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-ceph-compat-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-cephfs-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rados-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-mirror-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-nbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 important 3.3 AV:A/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182299-1/ https://www.suse.com/security/cve/CVE-2018-1129.html CVE-2018-1129 https://bugzilla.suse.com/1096748 SUSE Bug 1096748 https://bugzilla.suse.com/1114710 SUSE Bug 1114710 In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service. CVE-2018-7262 SUSE Enterprise Storage 4:ceph-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-base-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-common-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mds-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-mon-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-osd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-radosgw-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:ceph-test-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libcephfs1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librados2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:libradosstriper1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librbd1-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:librgw2-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-ceph-compat-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-cephfs-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rados-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:python-rbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-fuse-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-mirror-10.2.11+git.1531487710.3a12911a2e-12.14.2 SUSE Enterprise Storage 4:rbd-nbd-10.2.11+git.1531487710.3a12911a2e-12.14.2 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182299-1/ https://www.suse.com/security/cve/CVE-2018-7262.html CVE-2018-7262 https://bugzilla.suse.com/1081379 SUSE Bug 1081379