- Issued:
- 2016-07-05
- Updated:
- 2016-07-05
RHSA-2016:1384 - Security Advisory
Synopsis
Moderate: ceph security update
Type/Severity
Security Advisory: Moderate
Topic
An updated ceph package that fixes one security issue is now available for Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Description
Red Hat Ceph Storage is a massively scalable, open, software-defined
storage platform that combines the most stable version of Ceph with a Ceph
management platform, deployment tools, and support services.
A flaw was found in the way handle_command() function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash.(CVE-2016-5009)
Upstream acknowledges Xiaoxi Chen as the original reporter of CVE-2016-5009.
All ceph users are advised to upgrade to this updated package, which
contains backported patches to correct this issue.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Ceph Storage MON 1.3 x86_64
- Red Hat Ceph Storage OSD 1.3 x86_64
Fixes
- BZ - 1351453 - CVE-2016-5009 Ceph monitor crash: mon_command crashes ceph monitors on receiving empty prefix
CVEs
References
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 7
| SRPM | |
|---|---|
| ceph-0.94.5-14.el7cp.src.rpm | SHA-256: 380d53dc03d7a8bd415f4e1b65a7255ec03792364302a90b862f995481df2a67 |
| x86_64 | |
| ceph-common-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a0eeaa8b9c4d77faba387141e59869ade887ef762d32beeaf8af20c8570fc0ef |
| ceph-debuginfo-0.94.5-14.el7cp.x86_64.rpm | SHA-256: bb587a844a87452f297e7d41dab675aa87b88ef45f66f222491b495907fe38ae |
| ceph-radosgw-0.94.5-14.el7cp.x86_64.rpm | SHA-256: da3a818471e59def9aa9a551f26eed4529fa27c37a1f01c5f3c5ec700f06b7a9 |
| ceph-selinux-0.94.5-14.el7cp.x86_64.rpm | SHA-256: c15faccb4c85b27d7866fad99f2fef108ed65799f894cbf8cbf7dd2d71f9e0d2 |
| librados2-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 10c4ac90ff639497bbcd4266ed3cd3116e86d452fa4844b6f8f51c07be754fc7 |
| librados2-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6bfe8f1253914df2be49fdf853ecdaecc038f8c448d5b2b40e23d2584246cb12 |
| librbd1-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6856c7b8d61a1d7b61ebc0f93a74c34710431db458e5cfcad25b6893be62587d |
| librbd1-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: ef1f019ae40b0582251c9b51ee3d58818046399e5b30b559d6804a7d1c59faf3 |
| python-rados-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a7f1e40605c95fa271a4b16a3683b9b9cee44d267c5bebe0a2b883def8f4835b |
| python-rbd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 0baeba4814b98fa96e28f91dd3b41c26bc55c4f8c82321954ade598235755672 |
Red Hat Enterprise Linux Workstation 7
| SRPM | |
|---|---|
| ceph-0.94.5-14.el7cp.src.rpm | SHA-256: 380d53dc03d7a8bd415f4e1b65a7255ec03792364302a90b862f995481df2a67 |
| x86_64 | |
| ceph-common-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a0eeaa8b9c4d77faba387141e59869ade887ef762d32beeaf8af20c8570fc0ef |
| ceph-debuginfo-0.94.5-14.el7cp.x86_64.rpm | SHA-256: bb587a844a87452f297e7d41dab675aa87b88ef45f66f222491b495907fe38ae |
| ceph-radosgw-0.94.5-14.el7cp.x86_64.rpm | SHA-256: da3a818471e59def9aa9a551f26eed4529fa27c37a1f01c5f3c5ec700f06b7a9 |
| ceph-selinux-0.94.5-14.el7cp.x86_64.rpm | SHA-256: c15faccb4c85b27d7866fad99f2fef108ed65799f894cbf8cbf7dd2d71f9e0d2 |
| librados2-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 10c4ac90ff639497bbcd4266ed3cd3116e86d452fa4844b6f8f51c07be754fc7 |
| librados2-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6bfe8f1253914df2be49fdf853ecdaecc038f8c448d5b2b40e23d2584246cb12 |
| librbd1-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6856c7b8d61a1d7b61ebc0f93a74c34710431db458e5cfcad25b6893be62587d |
| librbd1-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: ef1f019ae40b0582251c9b51ee3d58818046399e5b30b559d6804a7d1c59faf3 |
| python-rados-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a7f1e40605c95fa271a4b16a3683b9b9cee44d267c5bebe0a2b883def8f4835b |
| python-rbd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 0baeba4814b98fa96e28f91dd3b41c26bc55c4f8c82321954ade598235755672 |
Red Hat Enterprise Linux Desktop 7
| SRPM | |
|---|---|
| ceph-0.94.5-14.el7cp.src.rpm | SHA-256: 380d53dc03d7a8bd415f4e1b65a7255ec03792364302a90b862f995481df2a67 |
| x86_64 | |
| ceph-common-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a0eeaa8b9c4d77faba387141e59869ade887ef762d32beeaf8af20c8570fc0ef |
| ceph-debuginfo-0.94.5-14.el7cp.x86_64.rpm | SHA-256: bb587a844a87452f297e7d41dab675aa87b88ef45f66f222491b495907fe38ae |
| ceph-radosgw-0.94.5-14.el7cp.x86_64.rpm | SHA-256: da3a818471e59def9aa9a551f26eed4529fa27c37a1f01c5f3c5ec700f06b7a9 |
| ceph-selinux-0.94.5-14.el7cp.x86_64.rpm | SHA-256: c15faccb4c85b27d7866fad99f2fef108ed65799f894cbf8cbf7dd2d71f9e0d2 |
| librados2-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 10c4ac90ff639497bbcd4266ed3cd3116e86d452fa4844b6f8f51c07be754fc7 |
| librados2-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6bfe8f1253914df2be49fdf853ecdaecc038f8c448d5b2b40e23d2584246cb12 |
| librbd1-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6856c7b8d61a1d7b61ebc0f93a74c34710431db458e5cfcad25b6893be62587d |
| librbd1-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: ef1f019ae40b0582251c9b51ee3d58818046399e5b30b559d6804a7d1c59faf3 |
| python-rados-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a7f1e40605c95fa271a4b16a3683b9b9cee44d267c5bebe0a2b883def8f4835b |
| python-rbd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 0baeba4814b98fa96e28f91dd3b41c26bc55c4f8c82321954ade598235755672 |
Red Hat Enterprise Linux for Scientific Computing 7
| SRPM | |
|---|---|
| ceph-0.94.5-14.el7cp.src.rpm | SHA-256: 380d53dc03d7a8bd415f4e1b65a7255ec03792364302a90b862f995481df2a67 |
| x86_64 | |
| ceph-common-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a0eeaa8b9c4d77faba387141e59869ade887ef762d32beeaf8af20c8570fc0ef |
| ceph-debuginfo-0.94.5-14.el7cp.x86_64.rpm | SHA-256: bb587a844a87452f297e7d41dab675aa87b88ef45f66f222491b495907fe38ae |
| ceph-radosgw-0.94.5-14.el7cp.x86_64.rpm | SHA-256: da3a818471e59def9aa9a551f26eed4529fa27c37a1f01c5f3c5ec700f06b7a9 |
| ceph-selinux-0.94.5-14.el7cp.x86_64.rpm | SHA-256: c15faccb4c85b27d7866fad99f2fef108ed65799f894cbf8cbf7dd2d71f9e0d2 |
| librados2-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 10c4ac90ff639497bbcd4266ed3cd3116e86d452fa4844b6f8f51c07be754fc7 |
| librados2-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6bfe8f1253914df2be49fdf853ecdaecc038f8c448d5b2b40e23d2584246cb12 |
| librbd1-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6856c7b8d61a1d7b61ebc0f93a74c34710431db458e5cfcad25b6893be62587d |
| librbd1-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: ef1f019ae40b0582251c9b51ee3d58818046399e5b30b559d6804a7d1c59faf3 |
| python-rados-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a7f1e40605c95fa271a4b16a3683b9b9cee44d267c5bebe0a2b883def8f4835b |
| python-rbd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 0baeba4814b98fa96e28f91dd3b41c26bc55c4f8c82321954ade598235755672 |
Red Hat Ceph Storage MON 1.3
| SRPM | |
|---|---|
| ceph-0.94.5-14.el7cp.src.rpm | SHA-256: 380d53dc03d7a8bd415f4e1b65a7255ec03792364302a90b862f995481df2a67 |
| x86_64 | |
| ceph-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 39cf56d63e01d1b80ac9a7111a1fd822aae171e193a1ddbd2c096e5608e8d4a7 |
| ceph-common-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a0eeaa8b9c4d77faba387141e59869ade887ef762d32beeaf8af20c8570fc0ef |
| ceph-debuginfo-0.94.5-14.el7cp.x86_64.rpm | SHA-256: bb587a844a87452f297e7d41dab675aa87b88ef45f66f222491b495907fe38ae |
| ceph-mon-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 7cec2d566dc535ee34c1194c41b126aec82ce8d710e54f18ff5bfed5ceb22cfa |
| ceph-selinux-0.94.5-14.el7cp.x86_64.rpm | SHA-256: c15faccb4c85b27d7866fad99f2fef108ed65799f894cbf8cbf7dd2d71f9e0d2 |
| ceph-test-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 1bf544f4bbe8103478c3011bde5f2710ae5ee6def7c08bfabc03fcbb1a2aeed9 |
| librados2-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 10c4ac90ff639497bbcd4266ed3cd3116e86d452fa4844b6f8f51c07be754fc7 |
| librados2-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6bfe8f1253914df2be49fdf853ecdaecc038f8c448d5b2b40e23d2584246cb12 |
| librbd1-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6856c7b8d61a1d7b61ebc0f93a74c34710431db458e5cfcad25b6893be62587d |
| librbd1-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: ef1f019ae40b0582251c9b51ee3d58818046399e5b30b559d6804a7d1c59faf3 |
| python-rados-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a7f1e40605c95fa271a4b16a3683b9b9cee44d267c5bebe0a2b883def8f4835b |
| python-rbd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 0baeba4814b98fa96e28f91dd3b41c26bc55c4f8c82321954ade598235755672 |
Red Hat Ceph Storage OSD 1.3
| SRPM | |
|---|---|
| ceph-0.94.5-14.el7cp.src.rpm | SHA-256: 380d53dc03d7a8bd415f4e1b65a7255ec03792364302a90b862f995481df2a67 |
| x86_64 | |
| ceph-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 39cf56d63e01d1b80ac9a7111a1fd822aae171e193a1ddbd2c096e5608e8d4a7 |
| ceph-common-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a0eeaa8b9c4d77faba387141e59869ade887ef762d32beeaf8af20c8570fc0ef |
| ceph-debuginfo-0.94.5-14.el7cp.x86_64.rpm | SHA-256: bb587a844a87452f297e7d41dab675aa87b88ef45f66f222491b495907fe38ae |
| ceph-osd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 96f6ac7ad87170d52cca3e688191e2392177d918933a8339bc5a4fb0f1f6b27b |
| ceph-selinux-0.94.5-14.el7cp.x86_64.rpm | SHA-256: c15faccb4c85b27d7866fad99f2fef108ed65799f894cbf8cbf7dd2d71f9e0d2 |
| ceph-test-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 1bf544f4bbe8103478c3011bde5f2710ae5ee6def7c08bfabc03fcbb1a2aeed9 |
| librados2-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 10c4ac90ff639497bbcd4266ed3cd3116e86d452fa4844b6f8f51c07be754fc7 |
| librados2-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6bfe8f1253914df2be49fdf853ecdaecc038f8c448d5b2b40e23d2584246cb12 |
| librbd1-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 6856c7b8d61a1d7b61ebc0f93a74c34710431db458e5cfcad25b6893be62587d |
| librbd1-devel-0.94.5-14.el7cp.x86_64.rpm | SHA-256: ef1f019ae40b0582251c9b51ee3d58818046399e5b30b559d6804a7d1c59faf3 |
| python-rados-0.94.5-14.el7cp.x86_64.rpm | SHA-256: a7f1e40605c95fa271a4b16a3683b9b9cee44d267c5bebe0a2b883def8f4835b |
| python-rbd-0.94.5-14.el7cp.x86_64.rpm | SHA-256: 0baeba4814b98fa96e28f91dd3b41c26bc55c4f8c82321954ade598235755672 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.