Published: 27/07/2018 Updated: 09/10/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ceph ceph -
debian debian linux 10.0

Debian Bug report logs - #864535 ceph: CVE-2017-7519: libradosstriper processes arbitrary printf placeholders in user input Package: src:ceph; Maintainer for src:ceph is Ceph Maintainers <ceph-maintainers@listscephcom>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 10 Jun 2017 06:51:02 UTC Severi ...

Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system: The cephx authentication protocol was suspectible to replay attacks and calculated signatures incorrectly, ceph mon did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerab ...

In Ceph, a format string flaw was found in the way libradosstriper parses input from user A user could crash an application or service using the libradosstriper library ...

CWE-134 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7519 http://www.securityfocus.com/bid/99075 https://www.debian.org/security/2018/dsa-4339 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864535 https://nvd.nist.gov https://www.debian.org/security/./dsa-4339 https://access.redhat.com/security/cve/cve-2017-7519

CVE-2017-7519

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect