A flaw was found in the way signature calculation is handled by the cephx protocol. The signature calculation encrypts a 29-byte struct with the 16-byte block AES cipher and then uses the first 8 bytes of the result as the signature. This only covers the first (16 bytes) cipher block; data_crc falls on the second block. There are no known exploits against this. If an attacker can alter the message payload, any changes in data_crc will not be noticed or checked by the signature check.
upstream fix: http://tracker.ceph.com/issues/24837 https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587
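The coverage gap described above, as an added example that is not part of the original report and is not taken from the upstream commit: it shows that a signature truncated to the first 8 ciphertext bytes ignores data_crc, while a signature folded over every ciphertext block does not. Assumptions: CBC chaining with a zero IV and zero padding, HMAC-SHA256 truncated to 16 bytes standing in for the AES block operation (the Python standard library has no AES), and a constructed field layout in which only the 29-byte size and data_crc sitting in the second block come from the description.

```python
import hashlib
import hmac
import struct

BLOCK = 16
KEY = b"constructed-demo-key"  # constructed sample key, not a real cephx secret

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Stand-in for one AES block encryption (the stdlib has no AES); the
    # coverage property below comes from CBC chaining, not from the cipher.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def cbc_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # Assumptions: zero padding to a block multiple and an all-zero IV.
    padded = plaintext + b"\x00" * (-len(plaintext) % BLOCK)
    prev, out = bytes(BLOCK), b""
    for i in range(0, len(padded), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(padded[i:i + BLOCK], prev))
        prev = block_encrypt(key, mixed)
        out += prev
    return out

def pack_sig_input(data_crc: int) -> bytes:
    # Assumed 29-byte layout: v, magic, len, header/front/middle/data CRCs.
    # data_crc occupies bytes 25..28, i.e. the second 16-byte block.
    return struct.pack("<BQIIIII", 1, 0x0123456789ABCDEF, 16,
                       0x11111111, 0x22222222, 0x33333333, data_crc)

def sig_first8(key: bytes, msg: bytes) -> bytes:
    # Flawed scheme from the description: first 8 bytes of the ciphertext.
    return cbc_encrypt(key, msg)[:8]

def sig_folded(key: bytes, msg: bytes) -> bytes:
    # Illustrative hardening: XOR every 8-byte word of the ciphertext so each
    # block, including the one holding data_crc, influences the signature.
    ct = cbc_encrypt(key, msg)
    sig = bytes(8)
    for i in range(0, len(ct), 8):
        sig = bytes(a ^ b for a, b in zip(sig, ct[i:i + 8]))
    return sig

def compare(crc_a: int, crc_b: int) -> dict:
    a, b = pack_sig_input(crc_a), pack_sig_input(crc_b)
    return {"first8_equal": sig_first8(KEY, a) == sig_first8(KEY, b),
            "folded_equal": sig_folded(KEY, a) == sig_folded(KEY, b)}

if __name__ == "__main__":
    print(compare(0xAAAAAAAA, 0xBBBBBBBB))
```

The same comparison works as a regression check on any signature routine: vary each input field in turn and confirm the signature changes.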
Created ceph tracking bugs for this issue: Affects: fedora-all [bug 1599408]
This issue has been addressed in the following products: Red Hat Ceph Storage 3.0 for Ubuntu 16.04 Via RHSA-2018:2177 https://access.redhat.com/errata/RHSA-2018:2177
This issue has been addressed in the following products: Red Hat Ceph Storage 3 for Red Hat Enterprise Linux 7 Via RHSA-2018:2179 https://access.redhat.com/errata/RHSA-2018:2179
This issue has been addressed in the following products: Red Hat Ceph Storage 2 for Ubuntu 16.04 Via RHSA-2018:2274 https://access.redhat.com/errata/RHSA-2018:2274
This issue has been addressed in the following products: Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7 Via RHSA-2018:2261 https://access.redhat.com/errata/RHSA-2018:2261
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-1129
Fixed upstream in versions: 10.2.11, 12.2.6, and 13.2.1 https://docs.ceph.com/en/latest/releases/jewel/#v10-2-11-jewel https://docs.ceph.com/en/latest/releases/luminous/#v12-2-6-luminous https://docs.ceph.com/en/latest/releases/mimic/#v13-2-1-mimic