Launchpad.net

CVE 2018-10861

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

Related bugs and status

CVE-2018-10861 (Candidate) is related to these bugs:

Bug #1769252: [SRU] ceph 12.2.7

		In	Importance	Status
1769252	[SRU] ceph 12.2.7	ceph (Ubuntu)	Undecided	Invalid
1769252	[SRU] ceph 12.2.7	ceph (Ubuntu Bionic)	Medium	Fix Released
1769252	[SRU] ceph 12.2.7	Ubuntu Cloud Archive	Undecided	Invalid
1769252	[SRU] ceph 12.2.7	Ubuntu Cloud Archive queens	Medium	Fix Released
1769252	[SRU] ceph 12.2.7	Ubuntu Cloud Archive pike	Medium	Won't Fix

Bug #1784401: [SRU] ceph 10.2.11

		In	Importance	Status
1784401	[SRU] ceph 10.2.11	Ubuntu Cloud Archive	Undecided	Invalid
1784401	[SRU] ceph 10.2.11	ceph (Ubuntu)	Undecided	Invalid
1784401	[SRU] ceph 10.2.11	ceph (Ubuntu Xenial)	Medium	Fix Released
1784401	[SRU] ceph 10.2.11	Ubuntu Cloud Archive mitaka	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2018-10861

Related bugs and status

Related bugs

References