The reuse of old keys to generate new ones, in conjunction with the ability for a user to request any global id, presents an opportunity for an attacker to request a previously valid global id without the corresponding prior key.
Acknowledgments: Name: Ilya Dryomov (Red Hat)
Statement:
* Red Hat OpenShift Container Storage (RHOCS) 4 shipped ceph package for the usage of RHOCS 4.2 only, that has reached End Of Life. The shipped version of ceph package is no longer used and supported with the release of RHOCS 4.3.
* Red Hat OpenStack Platform deployments use the ceph package directly from the Ceph channel; the RHOSP ceph package will not be updated at this time.
* The ceph packages included in Red Hat Enterprise Linux only provide client side libraries and tools and therefore are not affected by this issue affecting ceph-mon service.
Upstream patches:
https://github.com/ceph/ceph/commits/nautilus (commits on top of 14.2.19)
https://github.com/ceph/ceph/commits/octopus (commits on top of 15.2.10)
https://github.com/ceph/ceph/commits/pacific (commits on top of 16.2.0)
Merged into master: https://github.com/ceph/ceph/commit/f3a4166379b12d4a7bba667fe761e5b660552db1
Upstream trackers:
https://tracker.ceph.com/issues/50452
https://tracker.ceph.com/issues/50453
https://tracker.ceph.com/issues/50454
https://tracker.ceph.com/issues/50455
Created ceph tracking bugs for this issue: Affects: fedora-all [bug 1952085]
This issue has been addressed in the following products:
Red Hat Ceph Storage 4.2
Via RHSA-2021:2445 https://access.redhat.com/errata/RHSA-2021:2445
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-20288
This issue has been addressed in the following products:
Red Hat Ceph Storage 3 - ELS
Via RHSA-2022:1394 https://access.redhat.com/errata/RHSA-2022:1394