mirror of
https://github.com/ceph/ceph
synced 2025-01-03 17:42:36 +00:00
44 lines
1.4 KiB
ReStructuredText
.. _CVE-2022-0670:

CVE-2022-0670: Native-CephFS Manila Path-restriction bypass
===========================================================

Summary
-------

Users who were running OpenStack Manila to export native CephFS, who
upgraded their Ceph cluster from Nautilus (or earlier) to a later
major version, were vulnerable to an attack by malicious users. The
vulnerability allowed users to obtain access to arbitrary portions of
the CephFS filesystem hierarchy, instead of being properly restricted
to their own subvolumes. The vulnerability is due to a bug in the
"volumes" plugin in Ceph Manager. This plugin is responsible for
managing Ceph File System subvolumes which are used by OpenStack
Manila services as a way to provide shares to Manila users.

Again, this vulnerability only impacts OpenStack Manila clusters which
provided native CephFS access to their users.

Affected versions
-----------------

Any version of Ceph running OpenStack Manila that was upgraded from Nautilus
or earlier.

Fixed versions
--------------

* Quincy v17.2.2 (and later)
* Pacific v16.2.10 (and later)
* Octopus fix is forthcoming

Recommendations
---------------

#. Users should upgrade to a patched version of Ceph at their earliest
   convenience.

#. Administrators who are
   concerned they may have been impacted should audit the CephX keys in
   their cluster for proper path restrictions.
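
One way to carry out the key audit in the second recommendation, as an added example that is not part of the Ceph advisory or the project's code: it reads a JSON auth dump and reports client keys whose MDS capabilities are not confined to a subvolume path. It assumes the dump has the shape produced by ``ceph auth ls --format json`` and that Manila shares live under ``/volumes/``; the function name, the ``trusted`` allowlist and the sample entities are hypothetical.

```python
import json
import re

# Constructed sample shaped like `ceph auth ls --format json` output (secret keys omitted).
SAMPLE_AUTH_DUMP = json.dumps({"auth_dump": [
    {"entity": "client.admin", "caps": {"mds": "allow *", "mon": "allow *"}},
    {"entity": "client.manila-a", "caps": {
        "mds": "allow rw path=/volumes/_nogroup/share-a/1111", "mon": "allow r"}},
    {"entity": "client.manila-b", "caps": {"mds": "allow rw", "mon": "allow r"}},
    {"entity": "client.manila-c", "caps": {
        "mds": "allow r fsname=cephfs path=/, allow rw path=/volumes/_nogroup/share-c"}},
    {"entity": "osd.0", "caps": {"mon": "allow profile osd", "osd": "allow *"}},
]})

# Matches path=/some/dir or path="/some dir" inside a single MDS grant.
PATH_RE = re.compile(r'\bpath=("([^"]*)"|\S+)')


def audit_mds_paths(auth_json, required_prefix="/volumes/", trusted=("client.admin",)):
    """Return {entity: [reasons]} for client keys not confined below required_prefix.

    required_prefix is an assumption about where shares live; trusted lists
    entities that are expected to hold unrestricted MDS access.
    """
    findings = {}
    for entry in json.loads(auth_json).get("auth_dump", []):
        entity = entry.get("entity", "")
        mds = entry.get("caps", {}).get("mds", "")
        if not entity.startswith("client.") or entity in trusted or not mds:
            continue
        # An MDS cap string holds one or more comma-separated grants; check each.
        for grant in (g.strip() for g in mds.split(",")):
            if not grant:
                continue
            match = PATH_RE.search(grant)
            if match is None:
                reason = f"no path= restriction: {grant!r}"
            else:
                path = match.group(2) if match.group(2) is not None else match.group(1)
                norm = "/" + path.strip("/")  # "/" and "/volumes/" both fail the check
                if norm.startswith(required_prefix):
                    continue
                reason = f"path {path!r} outside {required_prefix}: {grant!r}"
            findings.setdefault(entity, []).append(reason)
    return findings


if __name__ == "__main__":
    for entity, reasons in audit_mds_paths(SAMPLE_AUTH_DUMP).items():
        for reason in reasons:
            print(f"{entity}: {reason}")
```

This is a coarse filter: a key that passes is restricted to some path below the prefix, and each flagged key still needs to be compared against the share it was issued for.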