From e6918187568dbd01842d8d1d2c808ce16a894239 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 21 Apr 2024 13:54:28 +0200 Subject: Adding upstream version 18.2.2. Signed-off-by: Daniel Baumann --- doc/security/CVE-2022-0670.rst | 43 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 doc/security/CVE-2022-0670.rst (limited to 'doc/security/CVE-2022-0670.rst') diff --git a/doc/security/CVE-2022-0670.rst b/doc/security/CVE-2022-0670.rst new file mode 100644 index 000000000..f2b90de2e --- /dev/null +++ b/doc/security/CVE-2022-0670.rst @@ -0,0 +1,43 @@ +.. _CVE-2022-0670: + +CVE-2022-0670: Native-CephFS Manila Path-restriction bypass +=========================================================== + +Summary +------- + +Users who were running OpenStack Manila to export native CephFS and who +upgraded their Ceph cluster from Nautilus (or earlier) to a later +major version were vulnerable to an attack by malicious users. The +vulnerability allowed users to obtain access to arbitrary portions of +the CephFS filesystem hierarchy instead of being properly restricted +to their own subvolumes. The vulnerability is due to a bug in the +"volumes" plugin in Ceph Manager. This plugin is responsible for +managing Ceph File System subvolumes, which are used by OpenStack +Manila services as a way to provide shares to Manila users. + +Again, this vulnerability impacts only OpenStack Manila clusters that +provided native CephFS access to their users. + +Affected versions +----------------- + +Any version of Ceph running OpenStack Manila that was upgraded from Nautilus +or earlier. + +Fixed versions +-------------- + +* Quincy v17.2.2 (and later) +* Pacific v16.2.10 (and later) +* Octopus v15.2.17 + +Recommendations +--------------- + +#. Users should upgrade to a patched version of Ceph at their earliest + convenience. + +#. Administrators who are + concerned they may have been impacted should audit the CephX keys in + their cluster for proper path restrictions. -- cgit v1.2.3