CVE-2018-1129
First published: Tue May 08 2018(Updated: )
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/ceph | <2:10.2.10-28.el7c | 2:10.2.10-28.el7c |
| redhat/ceph-ansible | <0:3.0.39-1.el7c | 0:3.0.39-1.el7c |
| redhat/ceph | <2:12.2.4-30.el7c | 2:12.2.4-30.el7c |
| redhat/cephmetrics | <0:1.0.1-1.el7c | 0:1.0.1-1.el7c |
| redhat/nfs-ganesha | <0:2.5.5-6.el7c | 0:2.5.5-6.el7c |
| debian/ceph | 12.2.11+dfsg1-2.1 12.2.11+dfsg1-2.1+deb10u1 14.2.21-1 16.2.11+ds-2 16.2.11+ds-5 | |
| debian/linux | 4.19.249-2 4.19.289-2 5.10.197-1 5.10.191-1 6.1.55-1 6.1.52-1 6.5.6-1 6.5.8-1 | |
| redhat/ceph | <10.2.11 | 10.2.11 |
| redhat/ceph | <12.2.6 | 12.2.6 |
| redhat/ceph | <13.2.1 | 13.2.1 |
| Redhat Ceph Storage | =1.3 | |
| Redhat Ceph Storage | =3 | |
| Redhat Ceph Storage Mon | =2 | |
| Redhat Ceph Storage Mon | =3 | |
| Redhat Ceph Storage Osd | =2 | |
| Redhat Ceph Storage Osd | =3 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| Ceph Ceph | =10.2.0 | |
| Ceph Ceph | =10.2.1 | |
| Ceph Ceph | =10.2.2 | |
| Ceph Ceph | =10.2.3 | |
| Ceph Ceph | =10.2.4 | |
| Ceph Ceph | =10.2.5 | |
| Ceph Ceph | =10.2.6 | |
| Ceph Ceph | =10.2.7 | |
| Ceph Ceph | =10.2.8 | |
| Ceph Ceph | =10.2.9 | |
| Ceph Ceph | =10.2.10 | |
| Ceph Ceph | =10.2.11 | |
| Ceph Ceph | =12.2.0 | |
| Ceph Ceph | =12.2.1 | |
| Ceph Ceph | =12.2.2 | |
| Ceph Ceph | =12.2.3 | |
| Ceph Ceph | =12.2.4 | |
| Ceph Ceph | =12.2.5 | |
| Ceph Ceph | =12.2.6 | |
| Ceph Ceph | =12.2.7 | |
| Ceph Ceph | =13.2.0 | |
| Ceph Ceph | =13.2.1 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| openSUSE Leap | =15.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
- http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
- http://tracker.ceph.com/issues/24837
- https://access.redhat.com/errata/RHSA-2018:2177
- https://access.redhat.com/errata/RHSA-2018:2179
- https://access.redhat.com/errata/RHSA-2018:2261
- https://access.redhat.com/errata/RHSA-2018:2274
- https://bugzilla.redhat.com/show_bug.cgi?id=1576057
- https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587
- https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
- https://www.debian.org/security/2018/dsa-4339
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1599408
- https://access.redhat.com/security/cve/cve-2018-1129
- https://docs.ceph.com/en/latest/releases/jewel/#v10-2-11-jewel
- https://docs.ceph.com/en/latest/releases/luminous/#v12-2-6-luminous
- https://docs.ceph.com/en/latest/releases/mimic/#v13-2-1-mimic
- https://www.cve.org/CVERecord?id=CVE-2018-1129 https://nvd.nist.gov/vuln/detail/CVE-2018-1129
- https://git.kernel.org/linus/cc255c76c70f7a87d97939621eae04b600d9f4a1
- https://security-tracker.debian.org/tracker/CVE-2018-1129
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2018-1129.
What is the severity of CVE-2018-1129?
The severity of CVE-2018-1129 is medium.
How does the vulnerability in CVE-2018-1129 impact cephx authentication protocol?
The vulnerability in CVE-2018-1129 allows an attacker with access to the ceph cluster network to bypass signature checks done by the cephx authentication protocol.
Which software versions are affected by CVE-2018-1129?
Software versions 10.2.11, 12.2.6, 13.2.1, and earlier are affected by CVE-2018-1129.
Are there any remediation steps available for CVE-2018-1129?
Yes, updating ceph to versions 10.2.11, 12.2.6, 13.2.1, or later will remediate the vulnerability.
- collector/redhat-cve
- collector/security-tracker-debian
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-1129
- agent/software-canonical-lookup
- agent/tags
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- package-manager/debian
- vendor/redhat
- canonical/redhat ceph storage
- version/redhat ceph storage/1.3
- version/redhat ceph storage/3
- canonical/redhat ceph storage mon
- version/redhat ceph storage mon/2
- version/redhat ceph storage mon/3
- canonical/redhat ceph storage osd
- version/redhat ceph storage osd/2
- version/redhat ceph storage osd/3
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- vendor/ceph
- canonical/ceph ceph
- version/ceph ceph/10.2.0
- version/ceph ceph/10.2.1
- version/ceph ceph/10.2.2
- version/ceph ceph/10.2.3
- version/ceph ceph/10.2.4
- version/ceph ceph/10.2.5
- version/ceph ceph/10.2.6
- version/ceph ceph/10.2.7
- version/ceph ceph/10.2.8
- version/ceph ceph/10.2.9
- version/ceph ceph/10.2.10
- version/ceph ceph/10.2.11
- version/ceph ceph/12.2.0
- version/ceph ceph/12.2.1
- version/ceph ceph/12.2.2
- version/ceph ceph/12.2.3
- version/ceph ceph/12.2.4
- version/ceph ceph/12.2.5
- version/ceph ceph/12.2.6
- version/ceph ceph/12.2.7
- version/ceph ceph/13.2.0
- version/ceph ceph/13.2.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.0