{"schema_version":"1.7.2","id":"OESA-2024-2373","modified":"2024-11-08T15:10:59Z","published":"2024-11-08T15:10:59Z","upstream":["CVE-2023-46159"],"summary":"ceph security update","details":"Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage.\r\n\r\nSecurity Fix(es):\r\n\r\nIBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW.  IBM X-Force ID:  268906.(CVE-2023-46159)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP1","name":"ceph","purl":"pkg:rpm/openEuler/ceph\u0026distro=openEuler-22.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"16.2.7-21.oe2203sp1"}]}],"ecosystem_specific":{"aarch64":["ceph-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-base-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-common-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-debuginfo-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-debugsource-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-fuse-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-immutable-object-cache-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-mds-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-mgr-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-mon-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-osd-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-radosgw-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-resource-agents-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-selinux-16.2.7-21.oe2203sp1.aarch64.rpm","ceph-test-16.2.7-21.oe2203sp1.aarch64.rpm","cephfs-mirror-16.2.7-21.oe2203sp1.aarch64.rpm","libcephfs-devel-16.2.7-21.oe2203sp1.aarch64.rpm","libcephfs2-16.2.7-21.oe2203sp1.aarch64.rpm","libcephsqlite-16.2.7-21.oe2203sp1.aarch64.rpm","libcephsqlite-devel-16.2.7-21.oe2203sp1.aarch64.rpm","librados-devel-16.2.7-21.oe2203sp1.aarch64.rpm","librados2-16.2.7-21.oe2203sp1.aarch64.rpm","libradospp-devel-16.2.7-21.oe2203sp1.aarch64.rpm","libradosstriper-devel-16.2.7-21.oe2203sp1.aarch64.rpm","libradosstriper1-16.2.7-21.oe2203sp1.aarch64.rpm","librbd-devel-16.2.7-21.oe2203sp1.aarch64.rpm","librbd1-16.2.7-21.oe2203sp1.aarch64.rpm","librgw-devel-16.2.7-21.oe2203sp1.aarch64.rpm","librgw2-16.2.7-21.oe2203sp1.aarch64.rpm","python3-ceph-argparse-16.2.7-21.oe2203sp1.aarch64.rpm","python3-ceph-common-16.2.7-21.oe2203sp1.aarch64.rpm","python3-cephfs-16.2.7-21.oe2203sp1.aarch64.rpm","python3-rados-16.2.7-21.oe2203sp1.aarch64.rpm","python3-rbd-16.2.7-21.oe2203sp1.aarch64.rpm","python3-rgw-16.2.7-21.oe2203sp1.aarch64.rpm","rados-objclass-devel-16.2.7-21.oe2203sp1.aarch64.rpm","rbd-fuse-16.2.7-21.oe2203sp1.aarch64.rpm","rbd-mirror-16.2.7-21.oe2203sp1.aarch64.rpm","rbd-nbd-16.2.7-21.oe2203sp1.aarch64.rpm"],"noarch":["ceph-grafana-dashboards-16.2.7-21.oe2203sp1.noarch.rpm","ceph-mgr-cephadm-16.2.7-21.oe2203sp1.noarch.rpm","ceph-mgr-dashboard-16.2.7-21.oe2203sp1.noarch.rpm","ceph-mgr-diskprediction-local-16.2.7-21.oe2203sp1.noarch.rpm","ceph-mgr-k8sevents-16.2.7-21.oe2203sp1.noarch.rpm","ceph-mgr-modules-core-16.2.7-21.oe2203sp1.noarch.rpm","ceph-mgr-rook-16.2.7-21.oe2203sp1.noarch.rpm","ceph-prometheus-alerts-16.2.7-21.oe2203sp1.noarch.rpm","cephadm-16.2.7-21.oe2203sp1.noarch.rpm","cephfs-top-16.2.7-21.oe2203sp1.noarch.rpm"],"src":["ceph-16.2.7-21.oe2203sp1.src.rpm"],"x86_64":["ceph-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-base-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-common-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-debuginfo-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-debugsource-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-fuse-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-immutable-object-cache-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-mds-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-mgr-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-mon-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-osd-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-radosgw-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-resource-agents-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-selinux-16.2.7-21.oe2203sp1.x86_64.rpm","ceph-test-16.2.7-21.oe2203sp1.x86_64.rpm","cephfs-mirror-16.2.7-21.oe2203sp1.x86_64.rpm","libcephfs-devel-16.2.7-21.oe2203sp1.x86_64.rpm","libcephfs2-16.2.7-21.oe2203sp1.x86_64.rpm","libcephsqlite-16.2.7-21.oe2203sp1.x86_64.rpm","libcephsqlite-devel-16.2.7-21.oe2203sp1.x86_64.rpm","librados-devel-16.2.7-21.oe2203sp1.x86_64.rpm","librados2-16.2.7-21.oe2203sp1.x86_64.rpm","libradospp-devel-16.2.7-21.oe2203sp1.x86_64.rpm","libradosstriper-devel-16.2.7-21.oe2203sp1.x86_64.rpm","libradosstriper1-16.2.7-21.oe2203sp1.x86_64.rpm","librbd-devel-16.2.7-21.oe2203sp1.x86_64.rpm","librbd1-16.2.7-21.oe2203sp1.x86_64.rpm","librgw-devel-16.2.7-21.oe2203sp1.x86_64.rpm","librgw2-16.2.7-21.oe2203sp1.x86_64.rpm","python3-ceph-argparse-16.2.7-21.oe2203sp1.x86_64.rpm","python3-ceph-common-16.2.7-21.oe2203sp1.x86_64.rpm","python3-cephfs-16.2.7-21.oe2203sp1.x86_64.rpm","python3-rados-16.2.7-21.oe2203sp1.x86_64.rpm","python3-rbd-16.2.7-21.oe2203sp1.x86_64.rpm","python3-rgw-16.2.7-21.oe2203sp1.x86_64.rpm","rados-objclass-devel-16.2.7-21.oe2203sp1.x86_64.rpm","rbd-fuse-16.2.7-21.oe2203sp1.x86_64.rpm","rbd-mirror-16.2.7-21.oe2203sp1.x86_64.rpm","rbd-nbd-16.2.7-21.oe2203sp1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2373"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46159"}],"database_specific":{"severity":"Medium"}}