CVE-2018-16846
published 2019-01-15CVE-2018-16846: It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | ceph | < ceph 12.2.11+dfsg1-1 (bookworm) | ceph 12.2.11+dfsg1-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| opensuse | leap | — | — |
| redhat | ceph | < 13.2.4 | 13.2.4 |
| redhat | ceph | >= 0 < 12.2.11+dfsg1-1 | 12.2.11+dfsg1-1 |
| redhat | ceph | >= 0 < 12.2.11+dfsg1-1 | 12.2.11+dfsg1-1 |
| redhat | ceph | >= 0 < 12.2.11+dfsg1-1 | 12.2.11+dfsg1-1 |
| redhat | ceph | >= 0 < 12.2.11+dfsg1-1 | 12.2.11+dfsg1-1 |
| redhat | ceph | >= 0 < 10.2.11-0ubuntu0.16.04.2 | 10.2.11-0ubuntu0.16.04.2 |
| redhat | ceph_storage | — | — |
| redhat | ceph_storage | — | — |
| redhat | enterprise_linux_server | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.5MEDIUM