Lucene search
UbuntuUSN-6292-1HistoryAug 16, 2023 - 12:00 a.m.
Ceph vulnerability
2023-08-1600:00:00
ubuntu.com
29
ceph
vulnerability
privilege escalation
ubuntu
23.04
distributed storage
file system
crash dumps
root access
unix
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Releases
- Ubuntu 23.04
Packages
- ceph - distributed storage and file system
Details
It was discovered that Ceph incorrectly handled crash dumps. A local
attacker could possibly use this issue to escalate privileges to root.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.04 | noarch | ceph | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-base | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-base-dbgsym | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-common | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-common-dbgsym | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-fuse | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-fuse-dbgsym | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-grafana-dashboards | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-immutable-object-cache | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
| Ubuntu | 23.04 | noarch | ceph-immutable-object-cache-dbgsym | < 17.2.6-0ubuntu0.23.04.2 | UNKNOWN |
References
Related
nessus
nessus
Fedora 36 : ceph (2023-d6b219d19a)
2023-04-24 00:00:00
GLSA-202312-10 : Ceph: Root Privilege Escalation
2023-12-23 00:00:00
Ubuntu 23.04 : Ceph vulnerability (USN-6292-1)
2023-08-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-3650 affecting package ceph for versions less than 18.2.1-1
2024-04-17 22:02:46
CVE-2022-3650 affecting package ceph for versions less than 16.2.10-4
2024-06-12 22:23:00
openvas
openvas
Fedora: Security Advisory for ceph (FEDORA-2023-d6b219d19a)
2023-04-24 00:00:00
Ubuntu: Security Advisory (USN-6292-1)
2023-08-17 00:00:00
Mageia: Security Advisory (MGASA-2023-0139)
2023-04-17 00:00:00
cve
cve
CVE-2022-3650
2023-01-17 19:15:11
prion
prion
Privilege escalation
2023-01-17 19:15:00
redhat
redhat
cvelist
cvelist
CVE-2022-3650
2023-01-17 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: ceph-16.2.12-1.fc36
2023-04-23 01:23:55
gentoo
gentoo
Ceph: Root Privilege Escalation
2023-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2022-3650
2023-01-17 00:00:00
nvd
nvd
CVE-2022-3650
2023-01-17 19:15:11
debiancve
debiancve
CVE-2022-3650
2023-01-17 19:15:11
osv
osv
CVE-2022-3650
2023-01-17 19:15:11
ceph vulnerabilities
2023-05-09 21:51:19
veracode
veracode
Denial Of Service (DoS)
2022-12-05 11:03:16
redhatcve
redhatcve
CVE-2022-3650
2022-10-25 15:57:03
mageia
mageia
Updated ceph packages fix security vulnerability
2023-04-15 22:03:44
ubuntu
ubuntu
Ceph vulnerabilities
2023-05-09 00:00:00
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for USN-6292-1