3 matches found
CVE-2020-1700
CVE-2020-1700 affects Ceph RGW Beast front-end where improper handling of unexpected disconnects by an authenticated user can cause a permanent leak of a socket connection, leading to resource exhaustion and DoS via accumulated CLOSE_WAIT sockets. Publicly documented fixes target Ceph RGW in vari...
CVE-2021-4048
CVE-2021-4048 is an out-of-bounds read in LAPACK routines CLARRV, DLARRV, SLARRV and ZLARRV (affecting LAPACK up to 3.10.0 and OpenBLAS up to 0.3.18). A crafted input may crash an application or disclose memory portions. Affected packages include lapack and OpenBLAS; some advisories (e.g., AlmaLi...
CVE-2021-3979
CVE-2021-3979 concerns a key length flaw in Ceph Storage (Red Hat Ceph Storage). The attacker could exploit incorrect key length handling to produce non-random keys, potentially weakening confidentiality and integrity of encrypted disks. The connected advisories confirm this vulnerability within ...