openEuler 24.03 LTS update for ceph

1) Improper authentication

EUVDB-ID: #VU102357

Risk: High

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-48916

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when processing authentication requests within the WebTokenEngine::validate_signature() function in src/rgw/rgw_rest_sts.cc. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

cephfs-top: before 18.2.2-6

cephadm: before 18.2.2-6

ceph-volume: before 18.2.2-6

ceph-resource-agents: before 18.2.2-6

ceph-prometheus-alerts: before 18.2.2-6

ceph-mib: before 18.2.2-6

ceph-mgr-rook: before 18.2.2-6

ceph-mgr-modules-core: before 18.2.2-6

ceph-mgr-k8sevents: before 18.2.2-6

ceph-mgr-diskprediction-local: before 18.2.2-6

ceph-mgr-dashboard: before 18.2.2-6

ceph-mgr-cephadm: before 18.2.2-6

ceph-grafana-dashboards: before 18.2.2-6

rbd-nbd: before 18.2.2-6

rbd-mirror: before 18.2.2-6

rbd-fuse: before 18.2.2-6

rados-objclass-devel: before 18.2.2-6

python3-rgw: before 18.2.2-6

python3-rbd: before 18.2.2-6

python3-rados: before 18.2.2-6

python3-cephfs: before 18.2.2-6

python3-ceph-common: before 18.2.2-6

python3-ceph-argparse: before 18.2.2-6

librgw2: before 18.2.2-6

librgw-devel: before 18.2.2-6

librbd1: before 18.2.2-6

librbd-devel: before 18.2.2-6

libradosstriper1: before 18.2.2-6

libradosstriper-devel: before 18.2.2-6

libradospp-devel: before 18.2.2-6

librados2: before 18.2.2-6

librados-devel: before 18.2.2-6

libcephsqlite-devel: before 18.2.2-6

libcephsqlite: before 18.2.2-6

libcephfs2: before 18.2.2-6

libcephfs-devel: before 18.2.2-6

cephfs-mirror: before 18.2.2-6

ceph-test: before 18.2.2-6

ceph-selinux: before 18.2.2-6

ceph-radosgw: before 18.2.2-6

ceph-osd: before 18.2.2-6

ceph-mon: before 18.2.2-6

ceph-mgr: before 18.2.2-6

ceph-mds: before 18.2.2-6

ceph-immutable-object-cache: before 18.2.2-6

ceph-fuse: before 18.2.2-6

ceph-exporter: before 18.2.2-6

ceph-debugsource: before 18.2.2-6

ceph-debuginfo: before 18.2.2-6

ceph-common: before 18.2.2-6

ceph-base: before 18.2.2-6

ceph: before 18.2.2-6

CPE2.3

• cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
• cpe:2.3:a:openeuler:cephfs-top:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:cephadm:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-volume:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-resource-agents:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-prometheus-alerts:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mib:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr-rook:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr-modules-core:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr-k8sevents:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr-diskprediction-local:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr-dashboard:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr-cephadm:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-grafana-dashboards:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:rbd-nbd:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:rbd-mirror:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:rbd-fuse:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:rados-objclass-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:python3-rgw:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:python3-rbd:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:python3-rados:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:python3-cephfs:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:python3-ceph-common:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:python3-ceph-argparse:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:librgw2:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:librgw-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:librbd1:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:librbd-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libradosstriper1:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libradosstriper-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libradospp-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:librados2:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:librados-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libcephsqlite-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libcephsqlite:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libcephfs2:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:libcephfs-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:cephfs-mirror:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-test:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-selinux:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-radosgw:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-osd:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mon:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mgr:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-mds:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-immutable-object-cache:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-fuse:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-exporter:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-debugsource:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-debuginfo:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-common:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph-base:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:ceph:*:*:*:*:*:openeuler:*:*

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1207

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.