Bug #24837

Updated by Sage Weil almost 6 years ago

The signature check code was validating only the first (32-byte) of two blocks, and thus did not cover all of the crc fields (notably not data_crc). 

 Fixes are in place: 

 master: 8f396cf35a3826044b089141667a196454c0a587 
 mimic: 436b08688a5be238280a6e93de8658c10d72044c 
 luminous: a2b04cc337a6f6f7b7a8b02bf31a8f3448670645 
 jewel: 546d15b25eb2af8b27ec509344c1a45387f77a57 

 CVE-2018-1129 

 Reported-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
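A simplified model of the flaw described above, added here as an example; it is not Ceph's code. HMAC-SHA256 stands in for the real signature primitive, and the two-block layout, the field names other than data_crc, and the key are assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import struct

BLOCK = 32  # block size named in the bug description


def pack_fields(header_crc, front_crc, middle_crc, data_crc):
    """Constructed layout: two 32-byte blocks, with data_crc in the second."""
    first = struct.pack("<III", header_crc, front_crc, middle_crc).ljust(BLOCK, b"\0")
    second = struct.pack("<I", data_crc).ljust(BLOCK, b"\0")
    return first + second


def sign(key, covered):
    # HMAC-SHA256 is a stand-in, not the primitive Ceph uses.
    return hmac.new(key, covered, hashlib.sha256).digest()


def check_first_block_only(key, fields, sig):
    """Flawed check: authenticates only the first of the two blocks."""
    return hmac.compare_digest(sign(key, fields[:BLOCK]), sig)


def check_all_blocks(key, fields, sig):
    """Corrected check: rejects wrong lengths and authenticates both blocks."""
    if len(fields) != 2 * BLOCK:
        return False
    return hmac.compare_digest(sign(key, fields), sig)


def demo():
    key = b"constructed-session-key"  # constructed sample key
    original = pack_fields(0x11111111, 0x22222222, 0x33333333, 0x44444444)
    # Same message with only data_crc changed after signing.
    tampered = pack_fields(0x11111111, 0x22222222, 0x33333333, 0xDEADBEEF)
    weak_sig = sign(key, original[:BLOCK])
    full_sig = sign(key, original)
    return {
        "weak_accepts_original": check_first_block_only(key, original, weak_sig),
        "weak_accepts_tampered": check_first_block_only(key, tampered, weak_sig),
        "full_accepts_original": check_all_blocks(key, original, full_sig),
        "full_accepts_tampered": check_all_blocks(key, tampered, full_sig),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A regression test for this class of bug changes one field in every block and confirms the check fails each time.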
