Home

CVE-2021-3531

Description

A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.257

Associated Vulnerability

VulnerabilityOS Platform
distributed storage and file system (USN-4998-1) ceph_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph_15.2.12-0ubuntu0.20.10.1_amd64.debLinux
distributed storage and file system (USN-4998-1) cephadm_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) cephadm_15.2.12-0ubuntu0.20.10.1_amd64.debLinux
distributed storage and file system (USN-4998-1) radosgw_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) radosgw_15.2.12-0ubuntu0.20.10.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr_15.2.12-0ubuntu0.20.10.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-base_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-base_15.2.12-0ubuntu0.20.10.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-common_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-common_15.2.12-0ubuntu0.20.10.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-rook_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-rook_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-cephadm_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-cephadm_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-dashboard_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-dashboard_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-k8sevents_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-k8sevents_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-modules-core_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-modules-core_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-diskprediction-cloud_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-diskprediction-cloud_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-diskprediction-local_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-diskprediction-local_15.2.12-0ubuntu0.20.10.1_all.debLinux
distributed storage and file system (USN-5128-1) ceph_16.2.6-0ubuntu0.21.04.2_amd64.debLinux
distributed storage and file system (USN-5128-1) ceph_12.2.13-0ubuntu0.18.04.10_i386.debLinux
distributed storage and file system (USN-5128-1) ceph_12.2.13-0ubuntu0.18.04.10_amd64.debLinux
distributed storage and file system (USN-5128-1) ceph-base_16.2.6-0ubuntu0.21.04.2_amd64.debLinux
distributed storage and file system (USN-5128-1) ceph-base_12.2.13-0ubuntu0.18.04.10_i386.debLinux
distributed storage and file system (USN-5128-1) ceph-base_12.2.13-0ubuntu0.18.04.10_amd64.debLinux
distributed storage and file system (USN-5128-1) ceph-common_16.2.6-0ubuntu0.21.04.2_amd64.debLinux
distributed storage and file system (USN-5128-1) ceph-common_12.2.13-0ubuntu0.18.04.10_i386.debLinux
distributed storage and file system (USN-5128-1) ceph-common_12.2.13-0ubuntu0.18.04.10_amd64.debLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-ansible-6.0.25.4-1.el8cp.noarch.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-base-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-common-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-debugsource-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-fuse-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-grafana-dashboards-16.2.7-98.el8cp.noarch.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-immutable-object-cache-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-iscsi-3.5-2.el8cp.noarch.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-mds-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-radosgw-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-resource-agents-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update ceph-selinux-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update cephadm-16.2.7-98.el8cp.noarch.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update cephadm-ansible-0.1-4.g6754c10.el8cp.noarch.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update cephfs-mirror-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update cephfs-top-16.2.7-98.el8cp.noarch.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update libcephfs-devel-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update libcephfs2-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update librados-devel-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update librados2-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update libradospp-devel-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update libradosstriper1-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update librbd-devel-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update librbd1-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update librgw-devel-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update librgw2-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update libtcmu-1.5.4-4.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update python3-ceph-argparse-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update python3-ceph-common-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update python3-cephfs-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update python3-rados-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update python3-rbd-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update python3-rgw-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update rbd-mirror-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update rbd-nbd-16.2.7-98.el8cp.x86_64.rpmLinux
(RHSA-2022:1174) Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update tcmu-runner-1.5.4-4.el8cp.x86_64.rpmLinux
distributed storage and file system (USN-4998-1) cephadm_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) radosgw_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr_15.2.12-0ubuntu0.20.04.1_amd64.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-rook_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-cephadm_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-dashboard_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-k8sevents_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-modules-core_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-diskprediction-cloud_15.2.12-0ubuntu0.20.04.1_all.debLinux
distributed storage and file system (USN-4998-1) ceph-mgr-diskprediction-local_15.2.12-0ubuntu0.20.04.1_all.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234