操作系统--麒麟信安操作系统,国产操作系统,麒麟信安云桌面—

公告ID (KylinSec-SA-2024-4101)

摘要:

ceph security update

安全等级: Medium

公告ID: KylinSec-SA-2024-4101

发布日期: 2024年11月8日

关联CVE: CVE-2023-46159

详细介绍

1. 漏洞描述

Ceph是一个大规模可扩展的开源分布式存储系统，它运行在普通硬件上，提供对象、块和文件系统存储。

安全修复：

IBM Storage Ceph的5.3z1、5.3z5和6.1z1版本可能会允许网络上的已认证用户通过RGW（Rados Gateway，Ceph的对象存储网关）导致拒绝服务攻击。IBM X-Force ID：268906。(CVE-2023-46159)

2. 影响范围

cve名称	产品	组件	是否受影响
CVE-2023-46159	KY3.5.2	ceph	Fixed

3. 影响组件

ceph

4. 修复版本

KY3.5.2

软件名称	架构	版本号
ceph-grafana-dashboards	noarch	16.2.7-21.ky3_5
ceph-mgr-cephadm	noarch	16.2.7-21.ky3_5
ceph-mgr-dashboard	noarch	16.2.7-21.ky3_5
ceph-mgr-diskprediction-local	noarch	16.2.7-21.ky3_5
ceph-mgr-k8sevents	noarch	16.2.7-21.ky3_5
ceph-mgr-modules-core	noarch	16.2.7-21.ky3_5
ceph-mgr-rook	noarch	16.2.7-21.ky3_5
ceph-prometheus-alerts	noarch	16.2.7-21.ky3_5
cephadm	noarch	16.2.7-21.ky3_5
cephfs-top	noarch	16.2.7-21.ky3_5
ceph	x86_64	16.2.7-21.ky3_5
ceph-base	x86_64	16.2.7-21.ky3_5
ceph-common	x86_64	16.2.7-21.ky3_5
ceph-fuse	x86_64	16.2.7-21.ky3_5
ceph-immutable-object-cache	x86_64	16.2.7-21.ky3_5
ceph-mds	x86_64	16.2.7-21.ky3_5
ceph-mgr	x86_64	16.2.7-21.ky3_5
ceph-mon	x86_64	16.2.7-21.ky3_5
ceph-osd	x86_64	16.2.7-21.ky3_5
ceph-radosgw	x86_64	16.2.7-21.ky3_5
ceph-resource-agents	x86_64	16.2.7-21.ky3_5
ceph-selinux	x86_64	16.2.7-21.ky3_5
ceph-test	x86_64	16.2.7-21.ky3_5
cephfs-mirror	x86_64	16.2.7-21.ky3_5
libcephfs-devel	x86_64	16.2.7-21.ky3_5
libcephfs2	x86_64	16.2.7-21.ky3_5
libcephsqlite	x86_64	16.2.7-21.ky3_5
libcephsqlite-devel	x86_64	16.2.7-21.ky3_5
librados-devel	x86_64	16.2.7-21.ky3_5
librados2	x86_64	16.2.7-21.ky3_5
libradospp-devel	x86_64	16.2.7-21.ky3_5
libradosstriper-devel	x86_64	16.2.7-21.ky3_5
libradosstriper1	x86_64	16.2.7-21.ky3_5
librbd-devel	x86_64	16.2.7-21.ky3_5
librbd1	x86_64	16.2.7-21.ky3_5
librgw-devel	x86_64	16.2.7-21.ky3_5
librgw2	x86_64	16.2.7-21.ky3_5
python3-ceph-argparse	x86_64	16.2.7-21.ky3_5
python3-ceph-common	x86_64	16.2.7-21.ky3_5
python3-cephfs	x86_64	16.2.7-21.ky3_5
python3-rados	x86_64	16.2.7-21.ky3_5
python3-rbd	x86_64	16.2.7-21.ky3_5
python3-rgw	x86_64	16.2.7-21.ky3_5
rados-objclass-devel	x86_64	16.2.7-21.ky3_5
rbd-fuse	x86_64	16.2.7-21.ky3_5
rbd-mirror	x86_64	16.2.7-21.ky3_5
rbd-nbd	x86_64	16.2.7-21.ky3_5
ceph	aarch64	16.2.7-21.ky3_5
ceph-base	aarch64	16.2.7-21.ky3_5
ceph-common	aarch64	16.2.7-21.ky3_5
ceph-fuse	aarch64	16.2.7-21.ky3_5
ceph-immutable-object-cache	aarch64	16.2.7-21.ky3_5
ceph-mds	aarch64	16.2.7-21.ky3_5
ceph-mgr	aarch64	16.2.7-21.ky3_5
ceph-mon	aarch64	16.2.7-21.ky3_5
ceph-osd	aarch64	16.2.7-21.ky3_5
ceph-radosgw	aarch64	16.2.7-21.ky3_5
ceph-resource-agents	aarch64	16.2.7-21.ky3_5
ceph-selinux	aarch64	16.2.7-21.ky3_5
ceph-test	aarch64	16.2.7-21.ky3_5
cephfs-mirror	aarch64	16.2.7-21.ky3_5
libcephfs-devel	aarch64	16.2.7-21.ky3_5
libcephfs2	aarch64	16.2.7-21.ky3_5
libcephsqlite	aarch64	16.2.7-21.ky3_5
libcephsqlite-devel	aarch64	16.2.7-21.ky3_5
librados-devel	aarch64	16.2.7-21.ky3_5
librados2	aarch64	16.2.7-21.ky3_5
libradospp-devel	aarch64	16.2.7-21.ky3_5
libradosstriper-devel	aarch64	16.2.7-21.ky3_5
libradosstriper1	aarch64	16.2.7-21.ky3_5
librbd-devel	aarch64	16.2.7-21.ky3_5
librbd1	aarch64	16.2.7-21.ky3_5
librgw-devel	aarch64	16.2.7-21.ky3_5
librgw2	aarch64	16.2.7-21.ky3_5
python3-ceph-argparse	aarch64	16.2.7-21.ky3_5
python3-ceph-common	aarch64	16.2.7-21.ky3_5
python3-cephfs	aarch64	16.2.7-21.ky3_5
python3-rados	aarch64	16.2.7-21.ky3_5
python3-rbd	aarch64	16.2.7-21.ky3_5
python3-rgw	aarch64	16.2.7-21.ky3_5
rados-objclass-devel	aarch64	16.2.7-21.ky3_5
rbd-fuse	aarch64	16.2.7-21.ky3_5
rbd-mirror	aarch64	16.2.7-21.ky3_5
rbd-nbd	aarch64	16.2.7-21.ky3_5

5. 修复方法

方法一：下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存，如 xxx.rpm
2、通过rpm命令升级，如 rpm -Uvh xxx.rpm

方法二：通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包，如 yum install 包名

操作系统+

1. 漏洞描述

2. 影响范围

3. 影响组件

4. 修复版本

KY3.5.2

5. 修复方法

6. 下载链接

KY3.5.2:

x86_64:

aarch64:

产品中心

解决方案

技术支持

生态与合作

分支机构