Description of problem: Right now, in Server::dispatch(), we abort the MDS if we get a message type we don't understand. This is horrible: it means that any malicious client can crash the server by just sending a message of a new type to the server! That's a trivial denial of service. Besides malicious clients, it also means that when there's a protocol issue such as a new client erroneously sending new messages to the server, it crashes the whole system instead of just the new client. Need to make sure MDS closes the session and blocklists the client on receiving unknown messages. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Red Hat Ceph Storage 5.3 Bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:0980