diff options
Diffstat (limited to 'doc/security/CVE-2022-0670.rst')
-rw-r--r-- | doc/security/CVE-2022-0670.rst | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/doc/security/CVE-2022-0670.rst b/doc/security/CVE-2022-0670.rst new file mode 100644 index 000000000..e7863d1d9 --- /dev/null +++ b/doc/security/CVE-2022-0670.rst @@ -0,0 +1,43 @@ +.. _CVE-2022-0670: + +CVE-2022-0670: Native-CephFS Manila Path-restriction bypass +=========================================================== + +Summary +------- + +Users who were running OpenStack Manila to export native CephFS and who +upgraded their Ceph cluster from Nautilus (or earlier) to a later +major version were vulnerable to an attack by malicious users. The +vulnerability allowed users to obtain access to arbitrary portions of +the CephFS filesystem hierarchy instead of being properly restricted +to their own subvolumes. The vulnerability is due to a bug in the +"volumes" plugin in Ceph Manager. This plugin is responsible for +managing Ceph File System subvolumes, which are used by OpenStack +Manila services as a way to provide shares to Manila users. + +Again, this vulnerability impacts only OpenStack Manila clusters that +provided native CephFS access to their users. + +Affected versions +----------------- + +Any version of Ceph running OpenStack Manila that was upgraded from Nautilus +or earlier. + +Fixed versions +-------------- + +* Quincy v17.2.2 (and later) +* Pacific v16.2.10 (and later) +* Octopus fix is forthcoming + +Recommendations +--------------- + +#. Users should upgrade to a patched version of Ceph at their earliest + convenience. + +#. Administrators who are + concerned they may have been impacted should audit the CephX keys in + their cluster for proper path restrictions. |