It was discovered that Ceph incorrectly handled the handle_command function. A remote authenticated user could use this issue to cause Ceph to crash, resulting in a denial of service. (CVE-2016-5009)
Rahul Aggarwal discovered that Ceph incorrectly handled the authenticated-read ACL. A remote attacker could possibly use this issue to list bucket contents via a URL. (CVE-2016-7031)
Diluga Salome discovered that Ceph incorrectly handled certain POST objects with null conditions. A remote attacker could possibly use this issue to cuase Ceph to crash, resulting in a denial of service. (CVE-2016-8626)
Yang Liu discovered that Ceph incorrectly handled invalid HTTP Origin headers. A remote attacker could possibly use this issue to cuase Ceph to crash, resulting in a denial of service. (CVE-2016-9579)
{ "availability": "No subscription required", "binaries": [ { "radosgw-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rest-bench-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rest-bench": "0.80.11-0ubuntu1.14.04.3", "radosgw-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs1-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-fuse": "0.80.11-0ubuntu1.14.04.3", "librados-dev": "0.80.11-0ubuntu1.14.04.3", "ceph-mds": "0.80.11-0ubuntu1.14.04.3", "rbd-fuse-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-fs-common": "0.80.11-0ubuntu1.14.04.3", "librados2": "0.80.11-0ubuntu1.14.04.3", "ceph-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph": "0.80.11-0ubuntu1.14.04.3", "librados-dev-dbgsym": "0.80.11-0ubuntu1.14.04.3", "librados2-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-mds-dbgsym": "0.80.11-0ubuntu1.14.04.3", "librbd-dev": "0.80.11-0ubuntu1.14.04.3", "ceph-fuse-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-fs-common-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-fuse-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-mds-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-resource-agents": "0.80.11-0ubuntu1.14.04.3", "librbd1-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs1-dbg": "0.80.11-0ubuntu1.14.04.3", "librbd1-dbgsym": "0.80.11-0ubuntu1.14.04.3", "libcephfs-dev": "0.80.11-0ubuntu1.14.04.3", "ceph-fs-common-dbg": "0.80.11-0ubuntu1.14.04.3", "librbd1": "0.80.11-0ubuntu1.14.04.3", "python-ceph": "0.80.11-0ubuntu1.14.04.3", "ceph-test-dbg": "0.80.11-0ubuntu1.14.04.3", "ceph-common": "0.80.11-0ubuntu1.14.04.3", "libcephfs-jni-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs-jni-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rest-bench-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs-java": "0.80.11-0ubuntu1.14.04.3", "ceph-test-dbgsym": "0.80.11-0ubuntu1.14.04.3", "ceph-test": "0.80.11-0ubuntu1.14.04.3", "rbd-fuse": "0.80.11-0ubuntu1.14.04.3", "libcephfs1": "0.80.11-0ubuntu1.14.04.3", "ceph-common-dbg": "0.80.11-0ubuntu1.14.04.3", "librados2-dbg": "0.80.11-0ubuntu1.14.04.3", "libcephfs-jni": "0.80.11-0ubuntu1.14.04.3", "radosgw": "0.80.11-0ubuntu1.14.04.3", "ceph-common-dbgsym": "0.80.11-0ubuntu1.14.04.3", "rbd-fuse-dbg": "0.80.11-0ubuntu1.14.04.3" } ] }