Wind River Support Network

HomeDefectsLIN7-9962
Fixed

LIN7-9962 : Security Advisory - ceph - CVE-2018-1129

Created: Jul 16, 2018    Updated: Dec 24, 2018
Resolved Date: Aug 14, 2018
Found In Version: 7.0.0.28
Fix Version: 7.0.0.29
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

https://nvd.nist.gov/vuln/detail/CVE-2018-1129

Other Downloads


CVEs


Live chat
Online