The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "radosgw-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rest-bench-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rest-bench": "0.80.11-0ubuntu1.14.04.3", "radosgw-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs1-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-fuse": "0.80.11-0ubuntu1.14.04.3", "librados-dev": "0.80.11-0ubuntu1.14.04.3", "ceph-mds": "0.80.11-0ubuntu1.14.04.3", "rbd-fuse-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-fs-common": "0.80.11-0ubuntu1.14.04.3", "librados2": "0.80.11-0ubuntu1.14.04.3", "ceph-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph": "0.80.11-0ubuntu1.14.04.3", "librados-dev-dbgsym": "0.80.11-0ubuntu1.14.04.3", "librados2-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-mds-dbgsym": "0.80.11-0ubuntu1.14.04.3", "librbd-dev": "0.80.11-0ubuntu1.14.04.3", "ceph-fuse-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-fs-common-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-fuse-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-mds-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-resource-agents": "0.80.11-0ubuntu1.14.04.3", "librbd1-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs1-dbg": "0.80.11-0ubuntu1.14.04.3", "librbd1-dbgsym": "0.80.11-0ubuntu1.14.04.3", "libcephfs-dev": "0.80.11-0ubuntu1.14.04.3", "ceph-fs-common-dbg": "0.80.11-0ubuntu1.14.04.3", "librbd1": "0.80.11-0ubuntu1.14.04.3", "python-ceph": "0.80.11-0ubuntu1.14.04.3", "ceph-test-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-common": "0.80.11-0ubuntu1.14.04.3", "libcephfs-jni-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs-jni-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rest-bench-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs-java": "0.80.11-0ubuntu1.14.04.3", "ceph-test-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-test": "0.80.11-0ubuntu1.14.04.3", "rbd-fuse": "0.80.11-0ubuntu1.14.04.3", "libcephfs1": "0.80.11-0ubuntu1.14.04.3", "ceph-common-dbg": "0.80.11-0ubuntu1.14.04.3", "librados2-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs-jni": "0.80.11-0ubuntu1.14.04.3", "radosgw": "0.80.11-0ubuntu1.14.04.3", "ceph-common-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rbd-fuse-dbg": "0.80.11-0ubuntu1.14.04.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "radosgw-dbg": "10.2.7-0ubuntu0.16.04.1", "libcephfs1-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-dbg": "10.2.7-0ubuntu0.16.04.1", "ceph-mds": "10.2.7-0ubuntu0.16.04.1", "rbd-fuse-dbgsym": "10.2.7-0ubuntu0.16.04.1", "rbd-mirror-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-dbgsym": "10.2.7-0ubuntu0.16.04.1", "libradosstriper1-dbgsym": "10.2.7-0ubuntu0.16.04.1", "rbd-nbd": "10.2.7-0ubuntu0.16.04.1", "ceph-mds-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-fuse-dbg": "10.2.7-0ubuntu0.16.04.1", "ceph-fuse-dbgsym": "10.2.7-0ubuntu0.16.04.1", "rbd-nbd-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-resource-agents": "10.2.7-0ubuntu0.16.04.1", "librbd1-dbg": "10.2.7-0ubuntu0.16.04.1", "librbd1-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-fs-common-dbg": "10.2.7-0ubuntu0.16.04.1", "python-ceph": "10.2.7-0ubuntu0.16.04.1", "ceph-test-dbg": "10.2.7-0ubuntu0.16.04.1", "ceph-common": "10.2.7-0ubuntu0.16.04.1", "libcephfs-jni-dbg": "10.2.7-0ubuntu0.16.04.1", "rbd-fuse": "10.2.7-0ubuntu0.16.04.1", "libcephfs-java": "10.2.7-0ubuntu0.16.04.1", "ceph-test": "10.2.7-0ubuntu0.16.04.1", "python-rados": "10.2.7-0ubuntu0.16.04.1", "libcephfs1": "10.2.7-0ubuntu0.16.04.1", "radosgw": "10.2.7-0ubuntu0.16.04.1", "ceph-common-dbgsym": "10.2.7-0ubuntu0.16.04.1", "libcephfs-jni": "10.2.7-0ubuntu0.16.04.1", "radosgw-dbgsym": "10.2.7-0ubuntu0.16.04.1", "rbd-mirror-dbg": "10.2.7-0ubuntu0.16.04.1", "librados-dev": "10.2.7-0ubuntu0.16.04.1", "libradosstriper-dev": "10.2.7-0ubuntu0.16.04.1", "ceph-fuse": "10.2.7-0ubuntu0.16.04.1", "librgw2": "10.2.7-0ubuntu0.16.04.1", "ceph-fs-common": "10.2.7-0ubuntu0.16.04.1", "librados2": "10.2.7-0ubuntu0.16.04.1", "ceph": "10.2.7-0ubuntu0.16.04.1", "librados2-dbgsym": "10.2.7-0ubuntu0.16.04.1", "librgw2-dbg": "10.2.7-0ubuntu0.16.04.1", "librbd-dev": "10.2.7-0ubuntu0.16.04.1", "python-cephfs": "10.2.7-0ubuntu0.16.04.1", "ceph-fs-common-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-mds-dbg": "10.2.7-0ubuntu0.16.04.1", "rbd-mirror": "10.2.7-0ubuntu0.16.04.1", "libcephfs1-dbg": "10.2.7-0ubuntu0.16.04.1", "libcephfs-dev": "10.2.7-0ubuntu0.16.04.1", "librbd1": "10.2.7-0ubuntu0.16.04.1", "rbd-nbd-dbg": "10.2.7-0ubuntu0.16.04.1", "python-rbd": "10.2.7-0ubuntu0.16.04.1", "libcephfs-jni-dbgsym": "10.2.7-0ubuntu0.16.04.1", "libradosstriper1-dbg": "10.2.7-0ubuntu0.16.04.1", "librgw2-dbgsym": "10.2.7-0ubuntu0.16.04.1", "ceph-test-dbgsym": "10.2.7-0ubuntu0.16.04.1", "librgw-dev": "10.2.7-0ubuntu0.16.04.1", "ceph-common-dbg": "10.2.7-0ubuntu0.16.04.1", "librados2-dbg": "10.2.7-0ubuntu0.16.04.1", "libradosstriper1": "10.2.7-0ubuntu0.16.04.1", "rbd-fuse-dbg": "10.2.7-0ubuntu0.16.04.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "python-rbd-dbgsym": "12.2.0-0ubuntu1", "python3-rgw-dbgsym": "12.2.0-0ubuntu1", "python-cephfs-dbgsym": "12.2.0-0ubuntu1", "ceph-mds": "12.2.0-0ubuntu1", "python3-ceph-argparse": "12.2.0-0ubuntu1", "rbd-fuse-dbgsym": "12.2.0-0ubuntu1", "rbd-mirror-dbgsym": "12.2.0-0ubuntu1", "libradosstriper1-dbgsym": "12.2.0-0ubuntu1", "rbd-nbd": "12.2.0-0ubuntu1", "python3-rgw": "12.2.0-0ubuntu1", "ceph-mds-dbgsym": "12.2.0-0ubuntu1", "rados-objclass-dev": "12.2.0-0ubuntu1", "ceph-fuse-dbgsym": "12.2.0-0ubuntu1", "rbd-nbd-dbgsym": "12.2.0-0ubuntu1", "ceph-resource-agents": "12.2.0-0ubuntu1", "ceph-mgr": "12.2.0-0ubuntu1", "librbd1-dbgsym": "12.2.0-0ubuntu1", "python3-cephfs-dbgsym": "12.2.0-0ubuntu1", "python-ceph": "12.2.0-0ubuntu1", "ceph-common": "12.2.0-0ubuntu1", "python3-rbd-dbgsym": "12.2.0-0ubuntu1", "libcephfs2": "12.2.0-0ubuntu1", "libcephfs-java": "12.2.0-0ubuntu1", "rbd-fuse": "12.2.0-0ubuntu1", "ceph-test": "12.2.0-0ubuntu1", "python-rados": "12.2.0-0ubuntu1", "ceph-common-dbgsym": "12.2.0-0ubuntu1", "radosgw": "12.2.0-0ubuntu1", "libcephfs-jni": "12.2.0-0ubuntu1", "radosgw-dbgsym": "12.2.0-0ubuntu1", "python3-cephfs": "12.2.0-0ubuntu1", "ceph-osd": "12.2.0-0ubuntu1", "python-rados-dbgsym": "12.2.0-0ubuntu1", "python-rgw": "12.2.0-0ubuntu1", "librados-dev": "12.2.0-0ubuntu1", "libradosstriper-dev": "12.2.0-0ubuntu1", "ceph-fuse": "12.2.0-0ubuntu1", "ceph-mgr-dbgsym": "12.2.0-0ubuntu1", "librgw2": "12.2.0-0ubuntu1", "librados2": "12.2.0-0ubuntu1", "ceph": "12.2.0-0ubuntu1", "librados-dev-dbgsym": "12.2.0-0ubuntu1", "librados2-dbgsym": "12.2.0-0ubuntu1", "ceph-mon": "12.2.0-0ubuntu1", "ceph-mon-dbgsym": "12.2.0-0ubuntu1", "libcephfs2-dbgsym": "12.2.0-0ubuntu1", "python-cephfs": "12.2.0-0ubuntu1", "librbd-dev": "12.2.0-0ubuntu1", "python-rgw-dbgsym": "12.2.0-0ubuntu1", "rbd-mirror": "12.2.0-0ubuntu1", "ceph-base-dbgsym": "12.2.0-0ubuntu1", "libcephfs-dev": "12.2.0-0ubuntu1", "ceph-osd-dbgsym": "12.2.0-0ubuntu1", "librbd1": "12.2.0-0ubuntu1", "python3-rados": "12.2.0-0ubuntu1", "python3-rbd": "12.2.0-0ubuntu1", "python-rbd": "12.2.0-0ubuntu1", "libcephfs-jni-dbgsym": "12.2.0-0ubuntu1", "python3-rados-dbgsym": "12.2.0-0ubuntu1", "ceph-test-dbgsym": "12.2.0-0ubuntu1", "librgw2-dbgsym": "12.2.0-0ubuntu1", "ceph-base": "12.2.0-0ubuntu1", "librgw-dev": "12.2.0-0ubuntu1", "libradosstriper1": "12.2.0-0ubuntu1" } ] }