Main Vulnerability Database Vulnerabilities #VU72630

Incorrect default permissions in Ceph - CVE-2022-3650

Published: February 28, 2023

Vulnerability identifier: #VU72630

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear

CVE-ID: CVE-2022-3650

CWE-ID: CWE-276

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Red Hat Inc.

Affected software:
Ceph

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to ceph-crash.service runs the ceph-crash Python script with root privileges. The script is operating in the directory /var/lib/ceph/crash which is controlled by the unprivileged ceph user. A local user can inject arbitrary data into the crash dump and force the privileged script to write that file into an arbitrary location on the system, resulting in privilege escalation.

How to mitigate CVE-2022-3650

Install updates from vendor's website.

Sources

https://bugzilla.redhat.com/show_bug.cgi?id=2136909

Incorrect default permissions in Ceph - CVE-2022-3650

Detailed vulnerability description

How to mitigate CVE-2022-3650

Sources

Please verify you're human