A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python-rbd-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python3-rgw-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python-cephfs-dbgsym": "12.2.12-0ubuntu0.18.04.5", "ceph-mds": "12.2.12-0ubuntu0.18.04.5", "python3-ceph-argparse": "12.2.12-0ubuntu0.18.04.5", "rbd-fuse-dbgsym": "12.2.12-0ubuntu0.18.04.5", "rbd-mirror-dbgsym": "12.2.12-0ubuntu0.18.04.5", "libradosstriper1-dbgsym": "12.2.12-0ubuntu0.18.04.5", "rbd-nbd": "12.2.12-0ubuntu0.18.04.5", "python3-rgw": "12.2.12-0ubuntu0.18.04.5", "ceph-mds-dbgsym": "12.2.12-0ubuntu0.18.04.5", "rados-objclass-dev": "12.2.12-0ubuntu0.18.04.5", "ceph-fuse-dbgsym": "12.2.12-0ubuntu0.18.04.5", "rbd-nbd-dbgsym": "12.2.12-0ubuntu0.18.04.5", "ceph-resource-agents": "12.2.12-0ubuntu0.18.04.5", "ceph-mgr": "12.2.12-0ubuntu0.18.04.5", "librbd1-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python3-cephfs-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python-ceph": "12.2.12-0ubuntu0.18.04.5", "ceph-common": "12.2.12-0ubuntu0.18.04.5", "python3-rbd-dbgsym": "12.2.12-0ubuntu0.18.04.5", "libcephfs2": "12.2.12-0ubuntu0.18.04.5", "libcephfs-java": "12.2.12-0ubuntu0.18.04.5", "rbd-fuse": "12.2.12-0ubuntu0.18.04.5", "ceph-test": "12.2.12-0ubuntu0.18.04.5", "python-rados": "12.2.12-0ubuntu0.18.04.5", "ceph-common-dbgsym": "12.2.12-0ubuntu0.18.04.5", "radosgw": "12.2.12-0ubuntu0.18.04.5", "libcephfs-jni": "12.2.12-0ubuntu0.18.04.5", "radosgw-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python3-cephfs": "12.2.12-0ubuntu0.18.04.5", "ceph-osd": "12.2.12-0ubuntu0.18.04.5", "python-rados-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python-rgw": "12.2.12-0ubuntu0.18.04.5", "librados-dev": "12.2.12-0ubuntu0.18.04.5", "libradosstriper-dev": "12.2.12-0ubuntu0.18.04.5", "ceph-fuse": "12.2.12-0ubuntu0.18.04.5", "ceph-mgr-dbgsym": "12.2.12-0ubuntu0.18.04.5", "librgw2": "12.2.12-0ubuntu0.18.04.5", "librados2": "12.2.12-0ubuntu0.18.04.5", "ceph": "12.2.12-0ubuntu0.18.04.5", "librados-dev-dbgsym": "12.2.12-0ubuntu0.18.04.5", "librados2-dbgsym": "12.2.12-0ubuntu0.18.04.5", "ceph-mon": "12.2.12-0ubuntu0.18.04.5", "ceph-mon-dbgsym": "12.2.12-0ubuntu0.18.04.5", "libcephfs2-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python-cephfs": "12.2.12-0ubuntu0.18.04.5", "librbd-dev": "12.2.12-0ubuntu0.18.04.5", "python-rgw-dbgsym": "12.2.12-0ubuntu0.18.04.5", "rbd-mirror": "12.2.12-0ubuntu0.18.04.5", "ceph-base-dbgsym": "12.2.12-0ubuntu0.18.04.5", "libcephfs-dev": "12.2.12-0ubuntu0.18.04.5", "ceph-osd-dbgsym": "12.2.12-0ubuntu0.18.04.5", "librbd1": "12.2.12-0ubuntu0.18.04.5", "python3-rados": "12.2.12-0ubuntu0.18.04.5", "python3-rbd": "12.2.12-0ubuntu0.18.04.5", "python-rbd": "12.2.12-0ubuntu0.18.04.5", "libcephfs-jni-dbgsym": "12.2.12-0ubuntu0.18.04.5", "python3-rados-dbgsym": "12.2.12-0ubuntu0.18.04.5", "ceph-test-dbgsym": "12.2.12-0ubuntu0.18.04.5", "librgw2-dbgsym": "12.2.12-0ubuntu0.18.04.5", "ceph-base": "12.2.12-0ubuntu0.18.04.5", "librgw-dev": "12.2.12-0ubuntu0.18.04.5", "libradosstriper1": "12.2.12-0ubuntu0.18.04.5" } ] }