List:       oss-security
Subject:    [oss-security] CVE-2019-10222: ceph: unauthenticated clients can crash RGW
From:       Alexandros Toptsoglou <atoptsoglou () suse ! com>
Date:       2019-08-28 15:27:48
Message-ID: 7ade7a65-f829-c4f6-66b5-ee334eaebf68 () suse ! com


Hi all,

An improper exception handling issue was found in the RGW component of Ceph.
Please find the details below.

CVE-2019-10222: ceph: unauthenticated clients can crash RGW

Affected versions:
- Nautilus (version 14.2.X)
- Mimic (version 13.2.X)
- Luminous (version 12.2.X) only if an experimental feature is enabled in
  ceph.conf:
    enable_experimental_unrecoverable_data_corrupting_features=true
    enable experimental unrecoverable data corrupting features = rgw-beast-frontend
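One way to turn the version and configuration conditions above into a per-host check. This is an added example, not code from the advisory or the Ceph project; it assumes Ceph's usual treatment of spaces, dashes and underscores in option names as interchangeable, reads only the [global] and [client.*] sections that an RGW daemon picks up, and reports versions the advisory does not list as not affected (not listed is not the same as verified safe).

```python
import re

# Release lines the advisory lists as affected outright (Nautilus, Mimic);
# Luminous (12.2.x) only when the experimental beast frontend is switched on.
AFFECTED_OUTRIGHT = {(14, 2), (13, 2)}
CONDITIONAL = (12, 2)
FEATURE_OPTION = "enable_experimental_unrecoverable_data_corrupting_features"
BEAST_FEATURE = "rgw-beast-frontend"

def normalize_key(key):
    # Ceph accepts spaces, dashes or underscores in option names interchangeably.
    return re.sub(r"[\s-]+", "_", key.strip().lower())

def parse_ceph_conf(text):
    # Minimal ceph.conf (INI) parser: {section: {normalized_key: value}}.
    sections, current = {}, "global"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        header = re.match(r"\[(.+)\]$", line)
        if header:
            current = header.group(1).strip()
        elif "=" in line:
            key, value = line.split("=", 1)
            sections.setdefault(current, {})[normalize_key(key)] = value.strip()
    return sections

def beast_frontend_enabled(conf):
    # True if [global] or any [client.*] section lists rgw-beast-frontend
    # in the experimental-features option (comma or space separated).
    for name, opts in conf.items():
        if name != "global" and not name.startswith("client."):
            continue
        value = opts.get(FEATURE_OPTION, "")
        if BEAST_FEATURE in {f.lower() for f in re.split(r"[,\s]+", value) if f}:
            return True
    return False

def is_affected(version, ceph_conf_text):
    # Apply the advisory's affected-version rule to one host.
    major, minor = (int(p) for p in version.split(".")[:2])
    if (major, minor) in AFFECTED_OUTRIGHT:
        return True
    if (major, minor) == CONDITIONAL:
        return beast_frontend_enabled(parse_ceph_conf(ceph_conf_text))
    return False
# Constructed sample configurations (not from the advisory).
LUMINOUS_BEAST = "[global]\nenable experimental unrecoverable data corrupting features = rgw-beast-frontend\n"
LUMINOUS_DEFAULT = "[global]\nfsid = 00000000-0000-0000-0000-000000000000\n"
```

The version string is what `ceph --version` prints on the RGW host; a host reported as affected still needs the fix from the pull request referenced below, since the check only mirrors the advisory's conditions.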


Description:
An improper exception condition handling in Ceph allows any single
unauthenticated client to crash the RGW component of Ceph by sending a
specially crafted HTTP request, which leads to denial of service.
The vulnerability affects the RGW component of Ceph, specifically
ceph-radosgw.

Mitigation:
Apply the fix from pull request https://github.com/ceph/ceph/pull/29967

Timeline:
- 2019-08-07: Issue discovered.
- 2019-08-08: Issue reported to security@ceph.io
- 2019-08-16: Coordinated release date set for the 28th
- 2019-08-28: Disclosure

Reference:
https://bugzilla.suse.com/show_bug.cgi?id=1145093

Credit:
This vulnerability was discovered by Abhishek Lekshmanan of SUSE
Software Solutions Germany GmbH
-- 
Alexandros Toptsoglou <atoptsoglou@suse.com>
Security Engineer
OpenPGP fingerprint: C270 3848 AA4A 783A 9848  BB06 56A3 3D9C B652 1869

SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nuremberg
Germany
(HRB 247165, AG München)
Managing Director: Felix Imendörffer

