Actions
Bug #24836
closedauth: cephx authorizer subject to replay
Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(RADOS):
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
The cephx authorizer does not have any challenge or nonce, and thus (if sniffed) can be reused by another session.
Fixes are in place:
master: f80b848d3f830eb6dba50123e04385173fa4540b
mimic: 4cbd72f11ecda4c28d1bf47328a4f8672295870a
luminous: 5ead97120e07054d80623dada90a5cc764c28468
jewel: 26816cd80ae245d351d5ce34d8af434fbc798602
CVE-2018-1128
Actions