Actions
Bug #24838
closedmon: auth checks not correct for pool ops
Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(RADOS):
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
The mon was not enforcing caps for pool ops correctly (which are used for managing unmanaged snapshots or even pool deletion).
Fixes are in place:
master: 975528f632f73fbffa3f1fee304e3bbe3296cffc
mimic: 4e1bc0cd6a0aaa76eb1936d1717a4ab07e179da6
luminous: ce0834dd17589ea243960a99b900c1e85cc64015
jewel: c41a2e696e26a7f747afeeeb44f96c322bd739af
CVE-2018-10861
Actions