Mageia 8 Advisory: 2023-0139 Moderate: Ceph Privilege Escalation

mageia

April 15, 2023

Openstack manilla owning a Ceph File system "share", enables the owner to read/write any manilla share or entire file system

Summary

Openstack manilla owning a Ceph File system "share", enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. (CVE-2022-0670) Privilege escalation and privileged information disclosure (CVE-2022-3650)

References

- https://bugs.mageia.org/show_bug.cgi?id=30677

- https://docs.ceph.com/en/latest/security/CVE-2022-0670/

- https://www.cve.org/CVERecord?id=CVE-2022-0670

- https://www.cve.org/CVERecord?id=CVE-2022-3650

Topics Covered

security advisory security update privilege escalation info disclosure openstack ceph mageia

Resolution

SRPMS

- 8/core/ceph-15.2.17-1.mga8

Publication date: 15 Apr 2023

URL: https://advisories.mageia.org/MGASA-2023-0139.html

Type: security

CVE: CVE-2022-0670, CVE-2022-3650

Topics Covered

security advisory security update privilege escalation info disclosure openstack ceph mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8 Advisory: 2023-0139 Moderate: Ceph Privilege Escalation

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8 Advisory: 2023-0139 Moderate: Ceph Privilege Escalation

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!