Bug 1170170 (CVE-2020-12059) - VUL-0: CVE-2020-12059: ceph: specially crafted XML payload on POST requests can crash RGW leading to DOS
Summary: VUL-0: CVE-2020-12059: ceph: specially crafted XML payload on POST requests c...
Status: RESOLVED FIXED
Alias: CVE-2020-12059
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Abhishek Lekshmanan
QA Contact: Security Team bot
URL:
Whiteboard: CVSSv2:NVD:CVE-2020-12059:5.0:(AV:N/...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-22 09:38 UTC by Alexandros Toptsoglou
Modified: 2020-10-21 09:27 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
patch (1009 bytes, patch)
2020-04-22 09:42 UTC, Alexandros Toptsoglou
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2020-04-22 09:38:41 UTC
a POST request with an invalid tagging XML can crash the RGW process by triggering a null pointer exception , the only affected upstream
codebase is Mimic (& retired Luminous)
Comment 1 Alexandros Toptsoglou 2020-04-22 09:42:33 UTC
Created attachment 836390 [details]
patch
Comment 2 Alexandros Toptsoglou 2020-04-22 11:20:49 UTC
Reference 

https://tracker.ceph.com/issues/44967
Comment 3 Alexandros Toptsoglou 2020-04-22 11:41:50 UTC
Tracked as affected ses5
Comment 5 Swamp Workflow Management 2020-04-30 13:16:31 UTC
SUSE-SU-2020:1158-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1170170
CVE References: CVE-2020-12059
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE OpenStack Cloud 8 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12-SP5 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12-SP4 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Enterprise Storage 5 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
HPE Helion Openstack 8 (src):    ceph-12.2.12+git.1587570958.35d78d0243-2.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Nathan Cutler 2020-05-11 17:25:46 UTC
Alex, the fix was implemented by the following Maintenance Incident:

* https://smelt.suse.de/incident/14853/

Since the incident's status is "done", does that mean the fix is now shipping to customers and this bug can be closed?
Comment 7 Alexandros Toptsoglou 2020-05-12 07:21:19 UTC
(In reply to Nathan Cutler from comment #6)
> Alex, the fix was implemented by the following Maintenance Incident:
> 
> * https://smelt.suse.de/incident/14853/
> 
> Since the incident's status is "done", does that mean the fix is now
> shipping to customers and this bug can be closed?

Thanks for pointing out. Closing