| Revision Date: | 2017-12-20 | Version: | 1 | | Title: | CVE-2017-16818 on Ubuntu 16.04 LTS (xenial) - low. | | Description: | RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to rgw/rgw_iam_policy.cc, rgw/rgw_basic_types.h, and rgw/rgw_iam_types.h.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2017-16818
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT ceph package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT ceph-common package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT ceph-fs-common package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT ceph-fuse package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT ceph-mds package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT ceph-resource-agents package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT ceph-test package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libcephfs-java package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libcephfs-jni package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libcephfs1 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT librados2 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libradosstriper1 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT librbd1 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT librgw2 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT python-ceph package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT python-cephfs package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT python-rados package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT python-rbd package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT radosgw package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT rbd-fuse package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT rbd-mirror package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT rbd-nbd package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
|
|