[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2023:1581-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":20,"duplicates":21,"related":22,"reserved_at":9,"published_at":26,"modified_at":27,"state":9,"summary":28,"references_raw":30,"kevs":136,"epss":9,"epss_history":137,"metrics":138,"affected":139},"SUSE-SU-2023:1581-1","Security update for ceph\n\nThis update for ceph fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2022-0670: Fixed user/tenant read/write access to an entire file system (bsc#1201837).\n- CVE-2022-3650: Fixed Python script that allowed privilege escalation from ceph to root (bsc#1204430).\n- CVE-2022-3854: Fixed possible DoS issue in ceph URL processing on RGW backends (bsc#1205025).\n\nBug fixes:\n\n- osd, tools, kv: non-aggressive, on-line trimming of accumulated dups (bsc#1199183).\n- ceph-volume: fix fast device alloc size on mulitple device  (bsc#1200262).\n- cephadm: update monitoring container images (bsc#1200501).\n- mgr/dashboard: prevent alert redirect (bsc#1200978).\n- mgr/volumes: Add subvolumegroup resize cmd (bsc#1201797).\n- monitoring/ceph-mixin: add RGW host to label info (bsc#1201976).\n- mgr/dashboard: enable addition of custom Prometheus alerts (bsc#1202077).\n- python-common: Add 'KB' to supported suffixes in SizeMatcher (bsc#1203375).\n- mgr/dashboard: fix rgw connect when using ssl (bsc#1205436).\n- ceph.spec.in: Add -DFMT_DEPRECATED_OSTREAM to CXXFLAGS (bsc#1202292).\n- cephfs-shell: move source to separate subdirectory (bsc#1201604).\n\nFix in previous release:\n\n- mgr/cephadm: try to get FQDN for configuration files (bsc#1196046).\n- When an RBD is mapped, it is attempted to be deployed as an OSD. (bsc#1187748).\n- OSD marked down causes wrong backfill_toofull (bsc#1188911).\n- cephadm: Fix iscsi client caps (allow mgr \u003Cservice status> calls) (bsc#1192838).\n- mgr/cephadm: fix and improve osd draining (bsc#1200317).\n- add iscsi and nfs to upgrade process (bsc#1206158).\n- mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments (bsc#1192840).\n",null,[],[],[],[14,16,18],{"_key":15},"CVE-2022-0670",{"_key":17},"CVE-2022-3650",{"_key":19},"CVE-2022-3854",[],[],[23,24,25],{"_key":15},{"_key":17},{"_key":19},"2023-03-27T08:31:30Z","2026-02-04T04:22:12.253260Z",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[31,38,43,47,51,55,59,63,67,71,75,79,83,87,91,95,99,103,107,111,115,119,123,128,132],{"url":32,"sources":33,"tags":36},"https://www.suse.com/support/update/announcement/2023/suse-su-20231581-1/",[34,35],"osv_suse","osv_opensuse",[37],"Advisory",{"url":39,"sources":40,"tags":41},"https://bugzilla.suse.com/1187748",[34,35],[42],"REPORT",{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1188911",[34,35],[42],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/1192838",[34,35],[42],{"url":52,"sources":53,"tags":54},"https://bugzilla.suse.com/1192840",[34,35],[42],{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1196046",[34,35],[42],{"url":60,"sources":61,"tags":62},"https://bugzilla.suse.com/1199183",[34,35],[42],{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/1200262",[34,35],[42],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/1200317",[34,35],[42],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/1200501",[34,35],[42],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/1200978",[34,35],[42],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/1201604",[34,35],[42],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/1201797",[34,35],[42],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/1201837",[34,35],[42],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/1201976",[34,35],[42],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/1202077",[34,35],[42],{"url":100,"sources":101,"tags":102},"https://bugzilla.suse.com/1202292",[34,35],[42],{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/1203375",[34,35],[42],{"url":108,"sources":109,"tags":110},"https://bugzilla.suse.com/1204430",[34,35],[42],{"url":112,"sources":113,"tags":114},"https://bugzilla.suse.com/1205025",[34,35],[42],{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/1205436",[34,35],[42],{"url":120,"sources":121,"tags":122},"https://bugzilla.suse.com/1206158",[34,35],[42],{"url":124,"sources":125,"tags":126},"https://www.suse.com/security/cve/CVE-2022-0670",[34,35],[127],"WEB",{"url":129,"sources":130,"tags":131},"https://www.suse.com/security/cve/CVE-2022-3650",[34,35],[127],{"url":133,"sources":134,"tags":135},"https://www.suse.com/security/cve/CVE-2022-3854",[34,35],[127],[],[],[],[140,153,158,162,168],{"ecosystem":141,"name":142,"vendor":143,"product":144,"cpe_part":9,"purl_type":145,"purl_namespace":143,"purl_name":144,"source":9,"versions":146},"openSUSE","ceph-test","opensuse","ceph-test&distro=openSUSE Leap 15.4","rpm",[147],{"version":148,"is_range":149,"range_type":150,"version_start":9,"version_start_type":9,"version_end":151,"version_end_type":152,"fixed_in":9},"lt16_2_11_58+g38d6afd3b78_150400_3_6_1",true,"ecosystem","16.2.11.58+g38d6afd3b78-150400.3.6.1","excluding",{"ecosystem":141,"name":154,"vendor":143,"product":155,"cpe_part":9,"purl_type":145,"purl_namespace":143,"purl_name":155,"source":9,"versions":156},"ceph","ceph&distro=openSUSE Leap 15.4",[157],{"version":148,"is_range":149,"range_type":150,"version_start":9,"version_start_type":9,"version_end":151,"version_end_type":152,"fixed_in":9},{"ecosystem":141,"name":154,"vendor":143,"product":159,"cpe_part":9,"purl_type":145,"purl_namespace":143,"purl_name":159,"source":9,"versions":160},"ceph&distro=openSUSE Leap Micro 5.3",[161],{"version":148,"is_range":149,"range_type":150,"version_start":9,"version_start_type":9,"version_end":151,"version_end_type":152,"fixed_in":9},{"ecosystem":163,"name":154,"vendor":164,"product":165,"cpe_part":9,"purl_type":145,"purl_namespace":164,"purl_name":165,"source":9,"versions":166},"SUSE Linux Enterprise","suse","ceph&distro=SUSE Linux Enterprise Micro 5.3",[167],{"version":148,"is_range":149,"range_type":150,"version_start":9,"version_start_type":9,"version_end":151,"version_end_type":152,"fixed_in":9},{"ecosystem":163,"name":154,"vendor":164,"product":169,"cpe_part":9,"purl_type":145,"purl_namespace":164,"purl_name":169,"source":9,"versions":170},"ceph&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4",[171],{"version":148,"is_range":149,"range_type":150,"version_start":9,"version_start_type":9,"version_end":151,"version_end_type":152,"fixed_in":9}]