USN-3452-1

Advisory lineage Upstream: 8 Downstream: 0

Upstream

CVE-2016-5009 CVE-2016-7031 CVE-2016-8626 CVE-2016-9579 UBUNTU-CVE-2016-5009 UBUNTU-CVE-2016-7031

Published: 11 Oct 2017, 12:07

Last modified:22 Apr 2026, 09:39

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Oct 2017, 12:07

Published

Vulnerability first disclosed

22 Apr 2026, 09:39

Last Modified

Vulnerability information updated

Description

ceph vulnerabilities It was discovered that Ceph incorrectly handled the handle_command function. A remote authenticated user could use this issue to cause Ceph to crash, resulting in a denial of service. (CVE-2016-5009) Rahul Aggarwal discovered that Ceph incorrectly handled the authenticated-read ACL. A remote attacker could possibly use this issue to list bucket contents via a URL. (CVE-2016-7031) Diluga Salome discovered that Ceph incorrectly handled certain POST objects with null conditions. A remote attacker could possibly use this issue to cuase Ceph to crash, resulting in a denial of service. (CVE-2016-8626) Yang Liu discovered that Ceph incorrectly handled invalid HTTP Origin headers. A remote attacker could possibly use this issue to cuase Ceph to crash, resulting in a denial of service. (CVE-2016-9579)

Affected Systems

ubuntu•ceph
< 0.80.11-0ubuntu1.14.04.3

USN-3452-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)