CVE-2018-1129

LOW

Description

A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

http://tracker.ceph.com/issues/24837

https://access.redhat.com/errata/RHSA-2018:2177

https://access.redhat.com/errata/RHSA-2018:2179

https://access.redhat.com/errata/RHSA-2018:2261

https://access.redhat.com/errata/RHSA-2018:2274

https://bugzilla.redhat.com/show_bug.cgi?id=1576057

https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587

https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html

https://www.debian.org/security/2018/dsa-4339

Details

Source: MITRE

Published: 2018-07-10

Updated: 2019-08-29

Type: CWE-287

Risk Information

CVSS v2.0

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

ID	Name	Product	Family	Severity
132360	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2693)	Nessus	Huawei Local Security Checks	high
125282	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1287-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)	Nessus	SuSE Local Security Checks	high
124358	openSUSE Security Update : ceph (openSUSE-2019-1284)	Nessus	SuSE Local Security Checks	medium
123329	openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)	Nessus	SuSE Local Security Checks	high
122879	Debian DLA-1715-1 : linux-4.9 security update (Spectre)	Nessus	Debian Local Security Checks	high
122809	SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2019:0586-1)	Nessus	SuSE Local Security Checks	medium
120338	Fedora 28 : 1:ceph (2018-327707371e)	Nessus	Fedora Local Security Checks	medium
120118	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:2980-1)	Nessus	SuSE Local Security Checks	high
118939	Debian DSA-4339-1 : ceph - security update	Nessus	Debian Local Security Checks	medium
117988	openSUSE Security Update : the Linux Kernel (openSUSE-2018-1140)	Nessus	SuSE Local Security Checks	high
117800	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2858-1)	Nessus	SuSE Local Security Checks	high
117629	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)	Nessus	SuSE Local Security Checks	high
117523	openSUSE Security Update : the Linux Kernel (openSUSE-2018-1016)	Nessus	SuSE Local Security Checks	high
112079	SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2478-1)	Nessus	SuSE Local Security Checks	medium
111635	openSUSE Security Update : ceph (openSUSE-2018-854)	Nessus	SuSE Local Security Checks	medium
111559	Fedora 27 : 1:ceph (2018-8738f5f4a7)	Nessus	Fedora Local Security Checks	medium
111548	SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2193-1)	Nessus	SuSE Local Security Checks	medium
111364	RHEL 7 : Red Hat Ceph Storage 2.5 (RHSA-2018:2261)	Nessus	Red Hat Local Security Checks	medium
111145	RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)	Nessus	Red Hat Local Security Checks	medium