(RHSA-2020:5325) Moderate: Red Hat Ceph Storage 4.1 security and bug fix update

2020-12-0214:41:23

access.redhat.com

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

42.6%

JSON

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

Security Fix(es):

ceph: CEPHX_V2 replay attack protection lost (CVE-2020-25660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64libcephfs-devel< 14.2.8-115.el8cplibcephfs-devel-14.2.8-115.el8cp.x86_64.rpm
RedHat7ppc64leceph-mgr< 14.2.8-115.el7cpceph-mgr-14.2.8-115.el7cp.ppc64le.rpm
RedHat7noarchceph-mgr-dashboard< 14.2.8-115.el7cpceph-mgr-dashboard-14.2.8-115.el7cp.noarch.rpm
RedHat7noarchceph-mgr-rook< 14.2.8-115.el7cpceph-mgr-rook-14.2.8-115.el7cp.noarch.rpm
RedHat8x86_64librbd-devel< 14.2.8-115.el8cplibrbd-devel-14.2.8-115.el8cp.x86_64.rpm
RedHat8ppc64lepython3-rbd-debuginfo< 14.2.8-115.el8cppython3-rbd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm
RedHat7noarchceph-mgr-k8sevents< 14.2.8-115.el7cpceph-mgr-k8sevents-14.2.8-115.el7cp.noarch.rpm
RedHat8ppc64leceph-fuse< 14.2.8-115.el8cpceph-fuse-14.2.8-115.el8cp.ppc64le.rpm
RedHat8ppc64lepython3-cephfs< 14.2.8-115.el8cppython3-cephfs-14.2.8-115.el8cp.ppc64le.rpm
RedHat8x86_64python3-rados< 14.2.8-115.el8cppython3-rados-14.2.8-115.el8cp.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	libcephfs-devel	< 14.2.8-115.el8cp	libcephfs-devel-14.2.8-115.el8cp.x86_64.rpm
RedHat	7	ppc64le	ceph-mgr	< 14.2.8-115.el7cp	ceph-mgr-14.2.8-115.el7cp.ppc64le.rpm
RedHat	7	noarch	ceph-mgr-dashboard	< 14.2.8-115.el7cp	ceph-mgr-dashboard-14.2.8-115.el7cp.noarch.rpm
RedHat	7	noarch	ceph-mgr-rook	< 14.2.8-115.el7cp	ceph-mgr-rook-14.2.8-115.el7cp.noarch.rpm
RedHat	8	x86_64	librbd-devel	< 14.2.8-115.el8cp	librbd-devel-14.2.8-115.el8cp.x86_64.rpm
RedHat	8	ppc64le	python3-rbd-debuginfo	< 14.2.8-115.el8cp	python3-rbd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm
RedHat	7	noarch	ceph-mgr-k8sevents	< 14.2.8-115.el7cp	ceph-mgr-k8sevents-14.2.8-115.el7cp.noarch.rpm
RedHat	8	ppc64le	ceph-fuse	< 14.2.8-115.el8cp	ceph-fuse-14.2.8-115.el8cp.ppc64le.rpm
RedHat	8	ppc64le	python3-cephfs	< 14.2.8-115.el8cp	python3-cephfs-14.2.8-115.el8cp.ppc64le.rpm
RedHat	8	x86_64	python3-rados	< 14.2.8-115.el8cp	python3-rados-14.2.8-115.el8cp.x86_64.rpm