mirror of https://github.com/ceph/ceph
44 lines
1.3 KiB
ReStructuredText
44 lines
1.3 KiB
ReStructuredText
.. _CVE-2022-0670:
|
|
|
|
CVE-2022-0670: Native-CephFS Manila Path-restriction bypass
|
|
===========================================================
|
|
|
|
Summary
|
|
-------
|
|
|
|
Users who were running OpenStack Manila to export native CephFS and who
|
|
upgraded their Ceph cluster from Nautilus (or earlier) to a later
|
|
major version were vulnerable to an attack by malicious users. The
|
|
vulnerability allowed users to obtain access to arbitrary portions of
|
|
the CephFS filesystem hierarchy instead of being properly restricted
|
|
to their own subvolumes. The vulnerability is due to a bug in the
|
|
"volumes" plugin in Ceph Manager. This plugin is responsible for
|
|
managing Ceph File System subvolumes, which are used by OpenStack
|
|
Manila services as a way to provide shares to Manila users.
|
|
|
|
Again, this vulnerability impacts only OpenStack Manila clusters that
|
|
provided native CephFS access to their users.
|
|
|
|
Affected versions
|
|
-----------------
|
|
|
|
Any version of Ceph running OpenStack Manila that was upgraded from Nautilus
|
|
or earlier.
|
|
|
|
Fixed versions
|
|
--------------
|
|
|
|
* Quincy v17.2.2 (and later)
|
|
* Pacific v16.2.10 (and later)
|
|
* Octopus v15.2.17
|
|
|
|
Recommendations
|
|
---------------
|
|
|
|
#. Users should upgrade to a patched version of Ceph at their earliest
|
|
convenience.
|
|
|
|
#. Administrators who are
|
|
concerned they may have been impacted should audit the CephX keys in
|
|
their cluster for proper path restrictions.
|