Bugzilla – Bug 1170170
VUL-0: CVE-2020-12059: ceph: specially crafted XML payload on POST requests can crash RGW leading to DOS
Last modified: 2020-10-21 09:27:00 UTC
a POST request with an invalid tagging XML can crash the RGW process by triggering a null pointer exception , the only affected upstream codebase is Mimic (& retired Luminous)
Created attachment 836390 [details] patch
Reference https://tracker.ceph.com/issues/44967
Tracked as affected ses5
SUSE-SU-2020:1158-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 1170170 CVE References: CVE-2020-12059 Sources used: SUSE OpenStack Cloud Crowbar 8 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE OpenStack Cloud 8 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Server 12-SP5 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Server 12-SP4 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 SUSE Enterprise Storage 5 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 HPE Helion Openstack 8 (src): ceph-12.2.12+git.1587570958.35d78d0243-2.45.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Alex, the fix was implemented by the following Maintenance Incident: * https://smelt.suse.de/incident/14853/ Since the incident's status is "done", does that mean the fix is now shipping to customers and this bug can be closed?
(In reply to Nathan Cutler from comment #6) > Alex, the fix was implemented by the following Maintenance Incident: > > * https://smelt.suse.de/incident/14853/ > > Since the incident's status is "done", does that mean the fix is now > shipping to customers and this bug can be closed? Thanks for pointing out. Closing