Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

SUSE Linux 15-SP1: 2021:0023-1 Moderate: Ceph Privilege Escalation

suse
Calendar Grey January 5, 2021
Scroller Suse
Address privilege escalation vulnerabilities in Ceph through SUSE's latest update; enhancements comprise several new optimizations.
An update that solves one vulnerability and has 5 fixes is now available

Summary

This update for ceph fixes the following issues: Security issues fixed: - CVE-2020-27781: Fixed a privilege escalation via the ceph_volume_client Python interface (bsc#1179802 bsc#1180155). Non-security issues fixed: - Fixes an issue when check in legacy collection reaches end. (bsc#1179139) - Fixes an issue when storage service stops. (bsc#1178837) - Fix for failing test run due to missing module 'six'. (bsc#1179452) - Provide a different name for the fallback allocator in bluestore. (bsc#1180118) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Basesystem 15-SP1:

References

#1178837 #1179139 #1179452 #1179802 #1180118

#1180155

Cross- CVE-2020-27781

Affected Products:

SUSE Linux Enterprise Module for Basesystem 15-SP1

SUSE Enterprise Storage 6

https://www.suse.com/security/cve/CVE-2020-27781.html

https://bugzilla.suse.com/1178837

https://bugzilla.suse.com/1179139

https://bugzilla.suse.com/1179452

https://bugzilla.suse.com/1179802

https://bugzilla.suse.com/1180118

https://bugzilla.suse.com/1180155

Announcement ID: SUSE-SU-2021:0023-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.