4 matches found
Denial Of Service (Dos)
ceph is vulnerable to denial of service. There is no defined limit for ListBucket max-keys in the RGW codebase, allowing users to crash the application against OMAPs holding bucket indices...
ceph: ListBucket max-keys has no defined limit in the RGW codebase
A flaw was found in the way the ListBucket function max-keys has no defined limit in the RGW codebase. An authenticated ceph RGW user can cause a denial of service attack against OMAPs holding bucked indices...
ceph: ListBucket max-keys has no defined limit in the RGW codebase
A flaw was found in the way the ListBucket function max-keys has no defined limit in the RGW codebase. An authenticated ceph RGW user can cause a denial of service attack against OMAPs holding bucked indices...
OPENSUSE-SU-2019:1284-1 Security update for ceph
This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass in...