Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-3650

Опубликовано: 17 янв. 2023
Источник: debian

Описание

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
cephfixed16.2.10+ds-4package
cephnot-affectedbusterpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2022/10/25/1

  • https://tracker.ceph.com/issues/57967

  • https://github.com/ceph/ceph/pull/48713

  • https://github.com/ceph/ceph/commit/45915540559126a652f8d9d105723584cfc63439 (main)

  • https://github.com/ceph/ceph/commit/130c9626598bc3a75942161e6cce7c664c447382 (main)

  • Backport to Pacific: https://github.com/ceph/ceph/pull/48804

  • Backport to Quincy: https://github.com/ceph/ceph/pull/48805

Связанные уязвимости

ubuntu логотип

CVE-2022-3650

CVSS3: 7.8
ubuntu
около 3 лет назад

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

redhat логотип

CVE-2022-3650

CVSS3: 8.8
redhat
больше 3 лет назад

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

nvd логотип

CVE-2022-3650

CVSS3: 7.8
nvd
около 3 лет назад

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

msrc логотип

CVE-2022-3650

CVSS3: 7.8
msrc
около 1 года назад

Описание отсутствует

github логотип

GHSA-4mjm-gg3q-674f

CVSS3: 7.8
github
около 3 лет назад

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.