Описание
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ceph | fixed | 14.2.21-1 | package | |
| ceph | not-affected | stretch | package |
Примечания
https://www.openwall.com/lists/oss-security/2021/05/14/5
Nautilus: https://github.com/ceph/ceph/commit/f44a8ae8aa27ecef69528db9aec220f12492810e
Octopus: https://github.com/ceph/ceph/commit/b87e64e3206210580f4a6df2d77f9ae3f1033039
Pacific: https://github.com/ceph/ceph/commit/bf06990ab41d7ac299e4441ad9cd434e926a18e7
EPSS
Связанные уязвимости
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
Уязвимость компонента RGW системы хранения данных Ceph, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS