CVE 2019-10222
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
Related bugs and status
CVE-2019-10222 (Candidate) is related to these bugs:
Bug #1850754: ceph-volume lvm list is O(n^2)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1850754 | ceph-volume lvm list is O(n^2) | ceph (Ubuntu) | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | Ceph | Unknown | Unknown | ||
| 1850754 | ceph-volume lvm list is O(n^2) | ceph (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | ceph (Ubuntu Eoan) | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | Ubuntu Cloud Archive | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | Ubuntu Cloud Archive stein | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | Ubuntu Cloud Archive queens | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | Ubuntu Cloud Archive train | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | Ubuntu Cloud Archive rocky | Undecided | Fix Released | ||
| 1850754 | ceph-volume lvm list is O(n^2) | ceph (Ubuntu Disco) | Undecided | Won't Fix | ||
Bug #1850901: [SRU] ceph 14.2.4
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1850901 | [SRU] ceph 14.2.4 | ceph (Ubuntu) | Undecided | Fix Released | ||
| 1850901 | [SRU] ceph 14.2.4 | ceph (Ubuntu Focal) | Undecided | Fix Released | ||
| 1850901 | [SRU] ceph 14.2.4 | ceph (Ubuntu Eoan) | Undecided | Fix Released | ||
| 1850901 | [SRU] ceph 14.2.4 | Ubuntu Cloud Archive | Undecided | Fix Released | ||
| 1850901 | [SRU] ceph 14.2.4 | Ubuntu Cloud Archive train | Undecided | Fix Released | ||
| 1850901 | [SRU] ceph 14.2.4 | Ubuntu Cloud Archive ussuri | Undecided | Fix Released | ||
Bug #1851290: Add backport for (s390x) endian fixes to ceph nautilus
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1851290 | Add backport for (s390x) endian fixes to ceph nautilus | ceph (Ubuntu) | Medium | Fix Released | ||
| 1851290 | Add backport for (s390x) endian fixes to ceph nautilus | Ubuntu on IBM z Systems | Undecided | Fix Released | ||
| 1851290 | Add backport for (s390x) endian fixes to ceph nautilus | ceph (Ubuntu Eoan) | Medium | Fix Released | ||
| 1851290 | Add backport for (s390x) endian fixes to ceph nautilus | Ubuntu Cloud Archive | Medium | Fix Released | ||
| 1851290 | Add backport for (s390x) endian fixes to ceph nautilus | Ubuntu Cloud Archive ussuri | Medium | Fix Released | ||
| 1851290 | Add backport for (s390x) endian fixes to ceph nautilus | Ubuntu Cloud Archive train | Medium | Fix Released | ||
Bug #1855859: [SRU] ceph 13.2.7
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1855859 | [SRU] ceph 13.2.7 | ceph (Ubuntu) | Undecided | Invalid | ||
| 1855859 | [SRU] ceph 13.2.7 | ceph (Ubuntu Disco) | Undecided | Won't Fix | ||
| 1855859 | [SRU] ceph 13.2.7 | Ubuntu Cloud Archive | Undecided | Invalid | ||
| 1855859 | [SRU] ceph 13.2.7 | Ubuntu Cloud Archive stein | Undecided | Fix Released | ||
| 1855859 | [SRU] ceph 13.2.7 | Ubuntu Cloud Archive rocky | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
