CVE-2018-16846
- Source
- https://cve.org/CVERecord?id=CVE-2018-16846
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16846.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-16846
- Downstream
- Related
- Published
- 2019-01-15T18:29:00.247Z
- Modified
- 2026-04-10T04:06:51.557898Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
- References
-
- https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html
- https://usn.ubuntu.com/4035-1/
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
- https://access.redhat.com/errata/RHSA-2019:2538
- https://access.redhat.com/errata/RHSA-2019:2541
- https://ceph.com/releases/13-2-4-mimic-released/
- https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16846
Affected packages
Git / github.com/ceph/ceph
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ceph/ceph
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "fixed": "13.2.4" }, { "introduced": "0" }, { "last_affected": "9.0" }, { "introduced": "0" }, { "last_affected": "15.0" } ] }
Affected versions
v0.*
v0.1
v0.18
v0.19
v0.2
v0.4
v0.5
v0.6
v0.7.1
v0.7.2
v0.7.3
v0.9
v11.*
v11.0.0
v13.*
v13.0.0
v13.1.0
v13.1.1
v13.2.0
v13.2.1
v13.2.2
v13.2.3
v14.*
v14.0.0
v15.*
v15.0.0
v9.*
v9.0.0
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "19.04"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16846.json"