Red Hat 9062 Published by

A Red Hat Ceph Storage 3.3 Security and Bug Fix Update has been released for Red Hat Enterprise Linux 7.



RHSA-2021:1518-01: Important: Red Hat Ceph Storage 3.3 Security and Bug Fix Update



=====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat Ceph Storage 3.3 Security and Bug Fix Update
Advisory ID: RHSA-2021:1518-01
Product: Red Hat Ceph Storage
Advisory URL:   https://access.redhat.com/errata/RHSA-2021:1518
Issue date: 2021-05-06
CVE Names: CVE-2020-12059 CVE-2020-13379 CVE-2020-27781
CVE-2021-3139
=====================================================================

1. Summary:

An update is now available for Red Hat Ceph Storage 3.3 - Extended Life
Support on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Ceph Storage 3 MON - ELS - ppc64le, x86_64
Red Hat Ceph Storage 3 OSD - ELS - ppc64le, x86_64
Red Hat Ceph Storage 3 Tools - ELS - noarch, ppc64le, x86_64

3. Description:

Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.

The ceph-ansible package provides Ansible playbooks for installing,
maintaining, and upgrading Red Hat Ceph Storage.

Grafana is an open source, feature rich metrics dashboard and graph editor
for Graphite, InfluxDB & OpenTSDB.

The tcmu-runner packages provide a service that handles the complexity of
the LIO kernel target's userspace passthrough interface (TCMU). It presents
a C plugin API for extension modules that handle SCSI requests in ways not
possible or suitable to be handled by LIO's in-kernel backstores.

Security Fix(es):

* grafana: SSRF incorrect access control vulnerability allows
unauthenticated users to make grafana send HTTP requests to any URL
(CVE-2020-13379)

* ceph: User credentials can be manipulated and stolen by Native CephFS
consumers of OpenStack Manila (CVE-2020-27781)

* tcmu-runner: SCSI target (LIO) write to any block on ILO backstore
(CVE-2021-3139)

* ceph: specially crafted XML payload on POST requests leads to DoS by
crashing RGW (CVE-2020-12059)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

This advisory fixes the following bug:

* When rebooting OSDs, the `_OSD down_` tab in the `_CEPH Backend storage_`
dashboard shows the correct number of OSDs that is `down`. However, when
all OSDs are `up` again after the reboot, the tab continues showing the
number of `down` OSDs. With this update, both CLI and Grafana values are
matching during osd up/down operation and working as expected. (BZ#1652233)

All users of Red Hat Ceph Storage are advised to upgrade to these updated
packages.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

  https://access.redhat.com/articles/11258

5. Bugs fixed (  https://bugzilla.redhat.com/):

1650209 - [Ceph-Dashboard] Latency by Server report appears to be calculating the latency incorrectly.
1652233 - [ceph-metrics]'OSDs down' tab is not working properly in 'CEPH Backend storage' Dashboard
1827262 - CVE-2020-12059 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
1829821 - facing rgw error - "/builddir/build/BUILD/ceph-12.2.8/src/rgw/rgw_sync.cc: In function 'virtual int PurgePeriodLogsCR::operate()' thread 7efe125d1700 .. .../rgw_sync.cc: 2387: FAILED assert(cursor) "
1830329 - rgw_bucket_parse_bucket_key function is holding old tenant value, when this function is executed in a loop
1832372 - MDS may crash when evicting a client
1842390 - [GSS] cephmetrics grafana dashboard do not show disk IOPS/Throughput in RHCS 3.3
1843640 - CVE-2020-13379 grafana: SSRF incorrect access control vulnerability allows unauthenticated users to make grafana send HTTP requests to any URL
1871035 - [Ceph-Ansible]: ceph-ansible (3.2) deployment fails on pool creation because of exceeding max pgs value
1876551 - [ceph-ansible] : cluster configuration failed in step force peer addition as potential bootstrap peer saying object has no attribute
1882724 - containerized daemons die on dockerd restarts
1887661 - [GSS][RGW] ERROR: remove_expired_obj (rchs3.3z6)
1894426 - [GSS][RHCS3]high num_objects count in rgw.none bucket stats output
1896392 - [ceph-ansible] [ceph-container] : switch from rpm to containerized - OSDs not coming up after the switch saying encrypted device still in use
1896448 - [ceph-ansible] : switch from rpm to containerized - set proper permission - './block': Permission denied
1900109 - CVE-2020-27781 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
1901897 - osd containers fail to start when sr0 device is detected but no media is inserted
1906293 - [GSS] addition of osd getting failed in containerized RHCS environment with osd_auto_discovery: true
1915070 - [RGW] RGW failed assert (idx < m_upper_bound) in perf_counters
1915078 - rgw: omnibus 3.3 bucket listing correctness and perf issues
1916045 - CVE-2021-3139 tcmu-runner: SCSI target (LIO) write to any block on ILO backstore
1947072 - [container]: Osds are not deployed in containerized RHCS environment with osd_auto_discovery: false
1948050 - Switch to container playbook fails on colocated scenarios for Ubuntu OS

6. Package List:

Red Hat Ceph Storage 3 MON - ELS:

Source:
ceph-12.2.12-139.el7cp.src.rpm

ppc64le:
ceph-base-12.2.12-139.el7cp.ppc64le.rpm
ceph-common-12.2.12-139.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-139.el7cp.ppc64le.rpm
ceph-mgr-12.2.12-139.el7cp.ppc64le.rpm
ceph-mon-12.2.12-139.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-139.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-139.el7cp.ppc64le.rpm
libcephfs2-12.2.12-139.el7cp.ppc64le.rpm
librados-devel-12.2.12-139.el7cp.ppc64le.rpm
librados2-12.2.12-139.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-139.el7cp.ppc64le.rpm
librbd-devel-12.2.12-139.el7cp.ppc64le.rpm
librbd1-12.2.12-139.el7cp.ppc64le.rpm
librgw-devel-12.2.12-139.el7cp.ppc64le.rpm
librgw2-12.2.12-139.el7cp.ppc64le.rpm
python-cephfs-12.2.12-139.el7cp.ppc64le.rpm
python-rados-12.2.12-139.el7cp.ppc64le.rpm
python-rbd-12.2.12-139.el7cp.ppc64le.rpm
python-rgw-12.2.12-139.el7cp.ppc64le.rpm

x86_64:
ceph-base-12.2.12-139.el7cp.x86_64.rpm
ceph-common-12.2.12-139.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-139.el7cp.x86_64.rpm
ceph-mgr-12.2.12-139.el7cp.x86_64.rpm
ceph-mon-12.2.12-139.el7cp.x86_64.rpm
ceph-selinux-12.2.12-139.el7cp.x86_64.rpm
ceph-test-12.2.12-139.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-139.el7cp.x86_64.rpm
libcephfs2-12.2.12-139.el7cp.x86_64.rpm
librados-devel-12.2.12-139.el7cp.x86_64.rpm
librados2-12.2.12-139.el7cp.x86_64.rpm
libradosstriper1-12.2.12-139.el7cp.x86_64.rpm
librbd-devel-12.2.12-139.el7cp.x86_64.rpm
librbd1-12.2.12-139.el7cp.x86_64.rpm
librgw-devel-12.2.12-139.el7cp.x86_64.rpm
librgw2-12.2.12-139.el7cp.x86_64.rpm
python-cephfs-12.2.12-139.el7cp.x86_64.rpm
python-rados-12.2.12-139.el7cp.x86_64.rpm
python-rbd-12.2.12-139.el7cp.x86_64.rpm
python-rgw-12.2.12-139.el7cp.x86_64.rpm

Red Hat Ceph Storage 3 OSD - ELS:

Source:
ceph-12.2.12-139.el7cp.src.rpm

ppc64le:
ceph-base-12.2.12-139.el7cp.ppc64le.rpm
ceph-common-12.2.12-139.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-139.el7cp.ppc64le.rpm
ceph-osd-12.2.12-139.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-139.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-139.el7cp.ppc64le.rpm
libcephfs2-12.2.12-139.el7cp.ppc64le.rpm
librados-devel-12.2.12-139.el7cp.ppc64le.rpm
librados2-12.2.12-139.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-139.el7cp.ppc64le.rpm
librbd-devel-12.2.12-139.el7cp.ppc64le.rpm
librbd1-12.2.12-139.el7cp.ppc64le.rpm
librgw-devel-12.2.12-139.el7cp.ppc64le.rpm
librgw2-12.2.12-139.el7cp.ppc64le.rpm
python-cephfs-12.2.12-139.el7cp.ppc64le.rpm
python-rados-12.2.12-139.el7cp.ppc64le.rpm
python-rbd-12.2.12-139.el7cp.ppc64le.rpm
python-rgw-12.2.12-139.el7cp.ppc64le.rpm

x86_64:
ceph-base-12.2.12-139.el7cp.x86_64.rpm
ceph-common-12.2.12-139.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-139.el7cp.x86_64.rpm
ceph-osd-12.2.12-139.el7cp.x86_64.rpm
ceph-selinux-12.2.12-139.el7cp.x86_64.rpm
ceph-test-12.2.12-139.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-139.el7cp.x86_64.rpm
libcephfs2-12.2.12-139.el7cp.x86_64.rpm
librados-devel-12.2.12-139.el7cp.x86_64.rpm
librados2-12.2.12-139.el7cp.x86_64.rpm
libradosstriper1-12.2.12-139.el7cp.x86_64.rpm
librbd-devel-12.2.12-139.el7cp.x86_64.rpm
librbd1-12.2.12-139.el7cp.x86_64.rpm
librgw-devel-12.2.12-139.el7cp.x86_64.rpm
librgw2-12.2.12-139.el7cp.x86_64.rpm
python-cephfs-12.2.12-139.el7cp.x86_64.rpm
python-rados-12.2.12-139.el7cp.x86_64.rpm
python-rbd-12.2.12-139.el7cp.x86_64.rpm
python-rgw-12.2.12-139.el7cp.x86_64.rpm

Red Hat Ceph Storage 3 Tools - ELS:

Source:
ceph-12.2.12-139.el7cp.src.rpm
ceph-ansible-3.2.56-1.el7cp.src.rpm
cephmetrics-2.0.10-1.el7cp.src.rpm
grafana-5.2.4-3.el7cp.src.rpm
tcmu-runner-1.4.0-3.el7cp.src.rpm

noarch:
ceph-ansible-3.2.56-1.el7cp.noarch.rpm

ppc64le:
ceph-base-12.2.12-139.el7cp.ppc64le.rpm
ceph-common-12.2.12-139.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-139.el7cp.ppc64le.rpm
ceph-fuse-12.2.12-139.el7cp.ppc64le.rpm
ceph-mds-12.2.12-139.el7cp.ppc64le.rpm
ceph-radosgw-12.2.12-139.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-139.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-139.el7cp.ppc64le.rpm
libcephfs2-12.2.12-139.el7cp.ppc64le.rpm
librados-devel-12.2.12-139.el7cp.ppc64le.rpm
librados2-12.2.12-139.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-139.el7cp.ppc64le.rpm
librbd-devel-12.2.12-139.el7cp.ppc64le.rpm
librbd1-12.2.12-139.el7cp.ppc64le.rpm
librgw-devel-12.2.12-139.el7cp.ppc64le.rpm
librgw2-12.2.12-139.el7cp.ppc64le.rpm
python-cephfs-12.2.12-139.el7cp.ppc64le.rpm
python-rados-12.2.12-139.el7cp.ppc64le.rpm
python-rbd-12.2.12-139.el7cp.ppc64le.rpm
python-rgw-12.2.12-139.el7cp.ppc64le.rpm
rbd-mirror-12.2.12-139.el7cp.ppc64le.rpm
tcmu-runner-1.4.0-3.el7cp.ppc64le.rpm
tcmu-runner-debuginfo-1.4.0-3.el7cp.ppc64le.rpm

x86_64:
ceph-base-12.2.12-139.el7cp.x86_64.rpm
ceph-common-12.2.12-139.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-139.el7cp.x86_64.rpm
ceph-fuse-12.2.12-139.el7cp.x86_64.rpm
ceph-mds-12.2.12-139.el7cp.x86_64.rpm
ceph-radosgw-12.2.12-139.el7cp.x86_64.rpm
ceph-selinux-12.2.12-139.el7cp.x86_64.rpm
cephmetrics-ansible-2.0.10-1.el7cp.x86_64.rpm
grafana-5.2.4-3.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-139.el7cp.x86_64.rpm
libcephfs2-12.2.12-139.el7cp.x86_64.rpm
librados-devel-12.2.12-139.el7cp.x86_64.rpm
librados2-12.2.12-139.el7cp.x86_64.rpm
libradosstriper1-12.2.12-139.el7cp.x86_64.rpm
librbd-devel-12.2.12-139.el7cp.x86_64.rpm
librbd1-12.2.12-139.el7cp.x86_64.rpm
librgw-devel-12.2.12-139.el7cp.x86_64.rpm
librgw2-12.2.12-139.el7cp.x86_64.rpm
python-cephfs-12.2.12-139.el7cp.x86_64.rpm
python-rados-12.2.12-139.el7cp.x86_64.rpm
python-rbd-12.2.12-139.el7cp.x86_64.rpm
python-rgw-12.2.12-139.el7cp.x86_64.rpm
rbd-mirror-12.2.12-139.el7cp.x86_64.rpm
tcmu-runner-1.4.0-3.el7cp.x86_64.rpm
tcmu-runner-debuginfo-1.4.0-3.el7cp.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
  https://access.redhat.com/security/team/key/

7. References:

  https://access.redhat.com/security/cve/CVE-2020-12059
  https://access.redhat.com/security/cve/CVE-2020-13379
  https://access.redhat.com/security/cve/CVE-2020-27781
  https://access.redhat.com/security/cve/CVE-2021-3139
  https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at   https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.