RHSA-2025:4664
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security, bug fix, and enhancement updates
CVSS Metrics
- v3.1•CRITICAL•Score: 9.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Systems
- redhat•ceph
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-base
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-base-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-common
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-common-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-debugsource
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-exporter-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-fuse
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-fuse-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-immutable-object-cache
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-immutable-object-cache-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-mds-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-mgr-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-mib
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-mon-client-nvmeof-debuginfo
< 2:18.2.1-329.el9cp
- redhat•ceph-mon-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-osd-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-radosgw-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-resource-agents
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-selinux
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•ceph-test-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•cephadm
< 2:18.2.1-329.el9cp
- redhat•cephfs-mirror-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•cephfs-top
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libcephfs-devel
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libcephfs2
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libcephfs2-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libcephsqlite-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•liboath
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•liboath-debuginfo
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•libpskc-debuginfo
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•librados-devel
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librados-devel-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librados2
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librados2-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libradospp-devel
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libradosstriper1
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•libradosstriper1-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librbd-devel
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librbd1
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librbd1-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librgw-devel
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librgw2
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•librgw2-debuginfo
< 2:18.2.1-329.el8cp | < 2:18.2.1-329.el9cp
- redhat•oath-toolkit
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•oath-toolkit-debuginfo
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•oath-toolkit-debugsource
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•oathtool-debuginfo
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
- redhat•pam_oath-debuginfo
< 0:2.6.12-1.el8cp | < 0:2.6.12-1.el9cp
Showing first 50 affected entries in server-rendered view.
References (80)
- https://access.redhat.com/errata/RHSA-2025:4664
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=2252788
- https://bugzilla.redhat.com/show_bug.cgi?id=2270948
- https://bugzilla.redhat.com/show_bug.cgi?id=2284356
- https://bugzilla.redhat.com/show_bug.cgi?id=2312113
- https://bugzilla.redhat.com/show_bug.cgi?id=2314387
- https://bugzilla.redhat.com/show_bug.cgi?id=2315596
- https://bugzilla.redhat.com/show_bug.cgi?id=2315885
- https://bugzilla.redhat.com/show_bug.cgi?id=2321291
- https://bugzilla.redhat.com/show_bug.cgi?id=2348763
- https://bugzilla.redhat.com/show_bug.cgi?id=2348935
- https://bugzilla.redhat.com/show_bug.cgi?id=2348945
- https://bugzilla.redhat.com/show_bug.cgi?id=2348968
- https://bugzilla.redhat.com/show_bug.cgi?id=2348970
- https://bugzilla.redhat.com/show_bug.cgi?id=2349078
- https://bugzilla.redhat.com/show_bug.cgi?id=2349723
- https://bugzilla.redhat.com/show_bug.cgi?id=2351271
- https://bugzilla.redhat.com/show_bug.cgi?id=2351465
- https://bugzilla.redhat.com/show_bug.cgi?id=2352965
- https://bugzilla.redhat.com/show_bug.cgi?id=2356050
- https://bugzilla.redhat.com/show_bug.cgi?id=2356542
- https://bugzilla.redhat.com/show_bug.cgi?id=2357889
- https://bugzilla.redhat.com/show_bug.cgi?id=2358123
- https://bugzilla.redhat.com/show_bug.cgi?id=2358562
- https://bugzilla.redhat.com/show_bug.cgi?id=2360911
- https://bugzilla.redhat.com/show_bug.cgi?id=2362258
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4664.json
- https://access.redhat.com/security/cve/CVE-2023-23934
- https://bugzilla.redhat.com/show_bug.cgi?id=2170243
- https://www.cve.org/CVERecord?id=CVE-2023-23934
- https://nvd.nist.gov/vuln/detail/CVE-2023-23934
- https://github.com/pallets/werkzeug/commit/cf275f42acad1b5950c50ffe8ef58fe62cdce028
- https://github.com/pallets/werkzeug/releases/tag/2.2.3
- https://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q
- https://access.redhat.com/security/cve/CVE-2023-25577
- https://bugzilla.redhat.com/show_bug.cgi?id=2170242
- https://www.cve.org/CVERecord?id=CVE-2023-25577
- https://nvd.nist.gov/vuln/detail/CVE-2023-25577
- https://github.com/pallets/werkzeug/commit/517cac5a804e8c4dc4ed038bb20dacd038e7a9f1
- https://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323
- https://access.redhat.com/security/cve/CVE-2023-46446
- https://bugzilla.redhat.com/show_bug.cgi?id=2250329
- https://www.cve.org/CVERecord?id=CVE-2023-46446
- https://nvd.nist.gov/vuln/detail/CVE-2023-46446
- https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
- https://access.redhat.com/security/cve/CVE-2023-48795
- https://bugzilla.redhat.com/show_bug.cgi?id=2254210
- https://www.cve.org/CVERecord?id=CVE-2023-48795
- https://nvd.nist.gov/vuln/detail/CVE-2023-48795
- https://access.redhat.com/solutions/7071748
- https://terrapin-attack.com/
- https://access.redhat.com/security/cve/CVE-2024-24790
- https://bugzilla.redhat.com/show_bug.cgi?id=2292787
- https://www.cve.org/CVERecord?id=CVE-2024-24790
- https://nvd.nist.gov/vuln/detail/CVE-2024-24790
- https://access.redhat.com/security/cve/CVE-2024-34069
- https://bugzilla.redhat.com/show_bug.cgi?id=2279451
- https://www.cve.org/CVERecord?id=CVE-2024-34069
- https://nvd.nist.gov/vuln/detail/CVE-2024-34069
- https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692
- https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985
- https://access.redhat.com/security/cve/CVE-2024-42353
- https://bugzilla.redhat.com/show_bug.cgi?id=2305004
- https://www.cve.org/CVERecord?id=CVE-2024-42353
- https://nvd.nist.gov/vuln/detail/CVE-2024-42353
- https://github.com/Pylons/webob
- https://github.com/Pylons/webob/commit/f689bcf4f0a1f64f1735b1d5069aef5be6974b5b
- https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
- https://access.redhat.com/security/cve/CVE-2024-47191
- https://bugzilla.redhat.com/show_bug.cgi?id=2316488
- https://www.cve.org/CVERecord?id=CVE-2024-47191
- https://nvd.nist.gov/vuln/detail/CVE-2024-47191
- https://access.redhat.com/security/cve/CVE-2024-48916
- https://bugzilla.redhat.com/show_bug.cgi?id=2329846
- https://www.cve.org/CVERecord?id=CVE-2024-48916
- https://nvd.nist.gov/vuln/detail/CVE-2024-48916
- https://github.com/ceph/ceph/pull/60624/commits/919da3696668a07c6810dfa39301950c81c2eba4
- https://github.com/ceph/ceph/security/advisories/GHSA-5g9m-mmp6-93mq
- https://tracker.ceph.com/issues/68836