SUSE SLES15 Security Update : kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7 RT) (SUSE-SU-2026:0945-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0945-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: -...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Ceph vulnerabilities (USN-8045-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8045-1 advisory. Martin Schobert discovered that Ceph did not properly verify SSL certificates when...

Ubuntu 14.04 LTS / 16.04 LTS : Ceph vulnerabilities (USN-7706-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7706-1 advisory. It was discovered that Ceph incorrectly handled read-only permissions. An authenticated attacker could use this issue to obtain dm-crypt...

USN-7706-1 ceph vulnerabilities

It was discovered that Ceph incorrectly handled read-only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 14.04 LTS. CVE-2018-14662 Sergey Bobrov discovered that Ceph’s RadosGW Ceph Object Gateway allowed the injectio...

GHSA-G4R6-J635-4PR7 vulnerabilities

Vulnerabilities for packages: ceph...

GHSA-VR4V-H7XQ-HWC6 vulnerabilities

Vulnerabilities for packages: ceph...

Ceph 安全漏洞

Ceph is a file storage platform from Ceph open source. A security vulnerability exists in Ceph versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, which stems from an unprivileged user being able to elevate to root privileges via chmod 777...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-063)

The version of kernel installed on the remote host is prior to 5.15.178-120.178. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-063 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...

Fedora 37 : ceph (2022-d832fd2f45)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-d832fd2f45 advisory. ceph 17.2.5 GA ---- ceph-17.2.4 Security fix for CVE-2021-3979 Note: fix was actually included in ceph-17.2.3 Tenable has extracted the preceding...

USN-6063-1 ceph vulnerabilities

Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-3979 It was discovered that Ceph incorrectly handled the volumes...

Ubuntu 18.04 LTS : Ceph vulnerabilities (USN-5128-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5128-1 advisory. Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker cou...

OPENSUSE-SU-2021:1834-1 Security update for ceph

This update for ceph fixes the following issues: - Update to 15.2.12-83-g528da226523: - CVE-2021-3509 fix cookie injection issue bsc1186021 - CVE-2021-3531 RGWSwiftWebsiteHandler::iswebdir checks empty subdirname bsc1186020 - CVE-2021-3524 sanitize \r in s3 CORSConfiguration’s ExposeHeader...

SUSE-SU-2020:0930-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484...

OPENSUSE-SU-2020:0187-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-1700: Fixed a denial of service against the RGW server via connection leakage bsc1161312. - CVE-2020-1699: Fixed a information disclosure by improper URL checking bsc1161074. This update was imported from the SUSE:SLE-15-SP1:Update updat...

USN-4035-1 ceph vulnerabilities

It was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. CVE-2018-14662 It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices...