Main Vulnerability Database SB2023081630

SB2023081630 - Ubuntu update for ceph

Published: August 16, 2023

Security Bulletin ID SB2023081630

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Incorrect default permissions (CVE-ID: CVE-2022-3650)

CWE-ID: CWE-276 - Incorrect Default Permissions

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to ceph-crash.service runs the ceph-crash Python script with root privileges. The script is operating in the directory /var/lib/ceph/crash which is controlled by the unprivileged ceph user. A local user can inject arbitrary data into the crash dump and force the privileged script to write that file into an arbitrary location on the system, resulting in privilege escalation.

Remediation

Install update from vendor's website.

References

https://ubuntu.com/security/notices/USN-6292-1