Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 791253 (CVE-2021-3531) - <sys-cluster/ceph-{14.2.21,15.2.12,16.2.4}: RGW unauthenticated denial of service (CVE-2021-3531)
Summary: <sys-cluster/ceph-{14.2.21,15.2.12,16.2.4}: RGW unauthenticated denial of ser...
Status: RESOLVED FIXED
Alias: CVE-2021-3531
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.openwall.com/lists/oss-se...
Whiteboard: B3 [glsa+ cve]
Keywords: CC-ARCHES, STABLEREQ
Depends on:
Blocks: CVE-2020-25678, CVE-2021-20288
  Show dependency tree
 
Reported: 2021-05-21 03:09 UTC by John Helmert III
Modified: 2021-05-26 20:58 UTC (History)
4 users (show)

See Also:
Package list:
sys-cluster/ceph-14.2.21
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-05-21 03:09:36 UTC
https://www.openwall.com/lists/oss-security/2021/05/14/5

"Hello,
A flaw was found in the Red Hat Ceph Storage RGW. When processing a GET
Request for a swift URL that ends with two slashes it can cause the rgw to
crash, resulting in a denial of service.

We have assigned it a CVE of CVE-2021-3531 and a patch is attached.

Fixes may be found here:

Nautilus:
https://github.com/ceph/ceph/commit/f44a8ae8aa27ecef69528db9aec220f12492810e
Octopus:
https://github.com/ceph/ceph/commit/b87e64e3206210580f4a6df2d77f9ae3f1033039
Pacific:
https://github.com/ceph/ceph/commit/bf06990ab41d7ac299e4441ad9cd434e926a18e7"

Fixes are currently in no release.
Comment 1 Thomas Deutschmann gentoo-dev Security 2021-05-24 14:49:42 UTC
Fixed in v14.2.21,
Comment 2 Sam James archtester gentoo-dev Security 2021-05-24 20:44:03 UTC
amd64 done

all arches done
Comment 3 Sam James archtester gentoo-dev Security 2021-05-24 21:23:13 UTC
Pleas cleanup.
Comment 4 Larry the Git Cow gentoo-dev 2021-05-26 20:55:18 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8de8aea99fb92f1cf48d1cb803ada4d4aaa520f6

commit 8de8aea99fb92f1cf48d1cb803ada4d4aaa520f6
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2021-05-26 20:55:09 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2021-05-26 20:55:09 +0000

    sys-cluster/ceph: security cleanup
    
    Bug: https://bugs.gentoo.org/791253
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 sys-cluster/ceph/Manifest            |   5 -
 sys-cluster/ceph/ceph-14.2.19.ebuild | 394 ------------------------------
 sys-cluster/ceph/ceph-14.2.20.ebuild | 394 ------------------------------
 sys-cluster/ceph/ceph-15.2.11.ebuild | 405 -------------------------------
 sys-cluster/ceph/ceph-16.2.1.ebuild  | 448 ----------------------------------
 sys-cluster/ceph/ceph-16.2.3.ebuild  | 449 -----------------------------------
 6 files changed, 2095 deletions(-)
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 20:58:54 UTC
This issue was resolved and addressed in
 GLSA 202105-39 at https://security.gentoo.org/glsa/202105-39
by GLSA coordinator Thomas Deutschmann (whissi).