CVE-2019-10222: ceph: unauthenticated clients can crash RGW

[Alexandros Toptsoglou <atoptsoglou () suse com>]

Hi all,

an improper exception handling was found in RGW component of Ceph.
Please find the details below.

CVE-2019-10222: ceph: unauthenticated clients can crash RGW

Affected versions:
Nautilus (version 14.2.X)
Mimic (version 13.2.X)
Luminous (version 12.2.X) only if an experimental feature is enabled in
ceph.conf:
  enable_experimental_unrecoverable_data_corrupting_features=true
  enable experimental unrecoverable data corrupting features =
rgw-beast-frontend


Description:
An improper exception condition handling in Ceph allows to any single
unauthenticated
client to crash RGW component of Ceph by sending a special crafted HTTP
request which lead
to denial of service.
The vulnerability affects the RGW component of Ceph, specifically the
ceph-radosgw.

Mitigation:
Apply the fix of pull request in https://github.com/ceph/ceph/pull/29967

Timeline:
- 2019-08-07: Issue discovered.
- 2019-08-08: Issue reported to security () ceph io
- 2019-08-16: Coordinated release date set on 28th
- 2019-08-28: Disclosure

Reference:
https://bugzilla.suse.com/show_bug.cgi?id=1145093

Credit:
This vulnerability was discovered by Abhishek Lekshmanan of SUSE
Software Solutions Germany GmbH
-- 
Alexandros Toptsoglou <atoptsoglou () suse com>
Security Engineer
OpenPGP fingerprint: C270 3848 AA4A 783A 9848  BB06 56A3 3D9C B652 1869

SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nuremberg
Germany
(HRB 247165, AG München)
Managing Director: Felix Imendörffer

Attachment: signature.asc
Description: OpenPGP digital signature