CVE-2018-10861
First published: Wed Jun 20 2018(Updated: )
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, and corrupt snapshot images. This would require user to have read access and for that user must have key for authentication. It would only affect snapshots and images. So attacker with read access will only be able to corrupt data of snapshot images and rest of the ceph cluster should work as it is. Affect on integrity would be low and availability part can be controlled by mitigation using 'mon_allow_pool_delete = false' in ceph.conf to disable deletion of pools
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/ceph | 12.2.11+dfsg1-2.1 12.2.11+dfsg1-2.1+deb10u1 14.2.21-1 16.2.11+ds-2 16.2.11+ds-5 | |
| redhat/ceph | <10.2.11 | 10.2.11 |
| redhat/ceph | <12.2.6 | 12.2.6 |
| redhat/ceph | <13.2.1 | 13.2.1 |
| Ceph Ceph | =10.2.0 | |
| Ceph Ceph | =10.2.1 | |
| Ceph Ceph | =10.2.2 | |
| Ceph Ceph | =10.2.3 | |
| Ceph Ceph | =10.2.4 | |
| Ceph Ceph | =10.2.5 | |
| Ceph Ceph | =10.2.6 | |
| Ceph Ceph | =10.2.7 | |
| Ceph Ceph | =10.2.8 | |
| Ceph Ceph | =10.2.9 | |
| Ceph Ceph | =10.2.10 | |
| Ceph Ceph | =10.2.11 | |
| Ceph Ceph | =12.2.0 | |
| Ceph Ceph | =12.2.1 | |
| Ceph Ceph | =12.2.2 | |
| Ceph Ceph | =12.2.3 | |
| Ceph Ceph | =12.2.4 | |
| Ceph Ceph | =12.2.5 | |
| Ceph Ceph | =12.2.6 | |
| Ceph Ceph | =12.2.7 | |
| Ceph Ceph | =13.2.0 | |
| Ceph Ceph | =13.2.1 | |
| Redhat Ceph Storage | =3 | |
| Redhat Ceph Storage Mon | =2 | |
| Redhat Ceph Storage Mon | =3 | |
| Redhat Ceph Storage Osd | =2 | |
| Redhat Ceph Storage Osd | =3 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| openSUSE Leap | =15.0 | |
| Debian Debian Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
- http://tracker.ceph.com/issues/24838
- http://www.securityfocus.com/bid/104742
- https://access.redhat.com/errata/RHSA-2018:2177
- https://access.redhat.com/errata/RHSA-2018:2179
- https://access.redhat.com/errata/RHSA-2018:2261
- https://access.redhat.com/errata/RHSA-2018:2274
- https://bugzilla.redhat.com/show_bug.cgi?id=1593308
- https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
- https://www.debian.org/security/2018/dsa-4339
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1599407
- https://docs.ceph.com/en/latest/releases/jewel/#v10-2-11-jewel
- https://docs.ceph.com/en/latest/releases/luminous/#v12-2-6-luminous
- https://docs.ceph.com/en/latest/releases/mimic/#v13-2-1-mimic
- https://security-tracker.debian.org/tracker/CVE-2018-10861
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2018-10861.
What is the severity of CVE-2018-10861?
The severity of CVE-2018-10861 is high with a CVSS score of 8.1.
What software versions are affected by CVE-2018-10861?
Ceph versions 10.2.11, 12.2.6, and 13.2.1 are affected by CVE-2018-10861.
How can an authenticated ceph user exploit CVE-2018-10861?
An authenticated ceph user with read access can delete, create ceph storage pools, and corrupt snapshot images.
Where can I find more information about CVE-2018-10861?
You can find more information about CVE-2018-10861 in the following references: [Reference 1](http://tracker.ceph.com/issues/24838), [Reference 2](https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc), [Reference 3](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1599407).
- collector/security-tracker-debian
- agent/weakness
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-10861
- agent/software-canonical-lookup
- agent/tags
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- package-manager/redhat
- vendor/ceph
- canonical/ceph ceph
- version/ceph ceph/10.2.0
- version/ceph ceph/10.2.1
- version/ceph ceph/10.2.2
- version/ceph ceph/10.2.3
- version/ceph ceph/10.2.4
- version/ceph ceph/10.2.5
- version/ceph ceph/10.2.6
- version/ceph ceph/10.2.7
- version/ceph ceph/10.2.8
- version/ceph ceph/10.2.9
- version/ceph ceph/10.2.10
- version/ceph ceph/10.2.11
- version/ceph ceph/12.2.0
- version/ceph ceph/12.2.1
- version/ceph ceph/12.2.2
- version/ceph ceph/12.2.3
- version/ceph ceph/12.2.4
- version/ceph ceph/12.2.5
- version/ceph ceph/12.2.6
- version/ceph ceph/12.2.7
- version/ceph ceph/13.2.0
- version/ceph ceph/13.2.1
- vendor/redhat
- canonical/redhat ceph storage
- version/redhat ceph storage/3
- canonical/redhat ceph storage mon
- version/redhat ceph storage mon/2
- version/redhat ceph storage mon/3
- canonical/redhat ceph storage osd
- version/redhat ceph storage osd/2
- version/redhat ceph storage osd/3
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0