Published: 17/01/2023 Updated: 23/12/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local malicious user to escalate privileges to root in the form of a crash dump, and dump privileged information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat ceph 16.2.9

Debian Bug report logs - #1024932 ceph-base: ceph to root privilege escalation via ceph-crashservice CVE-2022-3650 Package: ceph-base; Maintainer for ceph-base is Ceph Packaging Team <team+ceph@trackerdebianorg>; Source for ceph-base is src:ceph (PTS, buildd, popcon) Reported by: Helmut Grohne <helmut@subdivide> ...

Synopsis Important: Red Hat OpenShift Data Foundation 4121 security bug fix update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Data Foundation 4121 Bug Fix UpdateRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which giv ...

Synopsis Important: Red Hat Ceph Storage 53 Bug fix and security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Ceph Storage 53Red Hat Product Security has rated this upda ...

Description This CVE is under investigation by Red Hat Product Security ...

NVD-CWE-noinfo https://seclists.org/oss-sec/2022/q4/41 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OEVVWT5ZFLYCVZNDJTDX7R6RY2W7JHP5/https://security.gentoo.org/glsa/202312-10 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024932 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2022-3650

CVE-2022-3650

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect