ALT-PU-2016-2026-1
Closed vulnerabilities
Published: 2016-07-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-5009
The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- openSUSE-SU-2016:3201
- openSUSE-SU-2016:3201
- http://tracker.ceph.com/issues/16297
- http://tracker.ceph.com/issues/16297
- RHSA-2016:1384
- RHSA-2016:1384
- RHSA-2016:1385
- RHSA-2016:1385
- https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6
- https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6
- https://github.com/ceph/ceph/pull/9700
- https://github.com/ceph/ceph/pull/9700
Closed bugs
Не работает ceph-disk