19 matches found
NewStart CGSL MAIN 7.02 : ceph Vulnerability (NS-SA-2025-0247)
The remote NewStart CGSL host, running version MAIN 7.02, has ceph packages installed that are affected by a vulnerability: - A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged...
Debian dla-4310 : ceph - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4310 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4310-1 [email protected]...
[SECURITY] [DLA 4310-1] ceph security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4310-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 25, 2025 https://wiki.debian.org/LTS -...
Security Bulletin: IBM Storage Ceph is vulnerable to Placement of User into Incorrect Group in Ceph-crash.service (CVE-2022-3650)
Summary Ceph-crash.service is used by IBM Storage Ceph. CVE-2022-3650 This bulletin identifies the steps to take to address the vulnerability in Ceph. Vulnerability Details CVEID:CVE-2022-3650 DESCRIPTION: Ceph could allow a local authenticated attacker to gain elevated privileges on the system,...
Linux Distros Unpatched Vulnerability : CVE-2022-3650
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump...
Azure Linux 3.0 Security Update: ceph (CVE-2022-3650)
The version of ceph installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3650 advisory. - A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privilege...
CBL Mariner 2.0 Security Update: ceph (CVE-2022-3650)
The version of ceph installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3650 advisory. - A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privilege...
CVE-2022-3650 affecting package ceph for versions less than 18.2.1-1
CVE-2022-3650 affecting package ceph for versions less than 18.2.1-1. An upgraded version of the package is available that resolves this issue...
Ubuntu 23.04 : Ceph vulnerability (USN-6292-1)
The remote Ubuntu 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6292-1 advisory. It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root. Tenable has extracted the...
Ubuntu: Security Advisory (USN-6063-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6063-1: Ceph vulnerabilities
Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-3979 It was discovered that Ceph incorrectly handled the volumes...
Fedora: Security Advisory for ceph (FEDORA-2023-d6b219d19a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ceph packages fix security vulnerability
Openstack manilla owning a Ceph File system "share", enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system...
Important: Red Hat Security Advisory: Red Hat Ceph Storage 5.3 Bug fix and security update
An update is now available for Red Hat Ceph Storage 5.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...
CVE-2022-3650
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information...
CVE-2022-3650
CVE-2022-3650 is a local privilege-escalation flaw in Ceph via the ceph-crash.service, allowing an authenticated local attacker to gain root privileges (via crash dump contents). Affected is Ceph prior to patched versions; the root cause is the ceph-crash script running as root in /var/lib/ceph/c...
CVE-2022-3650
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information...
CVE-2022-3650
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information...
CVE-2022-3650
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information...