{"id":"RHSA-2021:1518","summary":"Red Hat Security Advisory: Red Hat Ceph Storage 3.3 Security and Bug Fix Update","modified":"2026-03-11T07:19:30.237070Z","published":"2024-09-13T22:13:48Z","upstream":["CVE-2020-12059","CVE-2020-13379","CVE-2020-27781","CVE-2021-3139"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2021:1518"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1650209"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652233"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827262"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1829821"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830329"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1832372"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842390"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843640"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871035"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1876551"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882724"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1887661"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1894426"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1896392"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1896448"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900109"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906293"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915070"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915078"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1916045"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1947072"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948050"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1518.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-12059"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-12059"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12059"},{"type":"ARTICLE","url":"https://ceph.io/releases/v13-2-10-mimic-released/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-13379"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-13379"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13379"},{"type":"ARTICLE","url":"https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/"},{"type":"ARTICLE","url":"https://www.openwall.com/lists/oss-security/2020/06/09/2/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-27781"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-27781"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27781"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3139"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-3139"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3139"}],"affected":[{"package":{"name":"ceph","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-base","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-common","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-debuginfo","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-fuse","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-fuse"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-mds","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-mds"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-mgr","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-mgr"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-mon","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-mon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-osd","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-osd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-radosgw","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-radosgw"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-selinux","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-test","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"libcephfs-devel","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/libcephfs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"libcephfs2","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/libcephfs2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"librados-devel","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/librados-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"librados2","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/librados2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"libradosstriper1","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/libradosstriper1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"librbd-devel","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/librbd-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"librbd1","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/librbd1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"librgw-devel","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/librgw-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"librgw2","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/librgw2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"python-cephfs","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/python-cephfs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"python-rados","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/python-rados"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"python-rbd","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/python-rbd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"python-rgw","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/python-rgw"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"rbd-mirror","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/rbd-mirror"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.2.12-139.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"ceph-ansible","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/ceph-ansible"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.56-1.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"cephmetrics","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/cephmetrics"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.10-1.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"cephmetrics-ansible","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/cephmetrics-ansible"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.10-1.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"grafana","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/grafana"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.2.4-3.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"tcmu-runner","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/tcmu-runner"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.0-3.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}},{"package":{"name":"tcmu-runner-debuginfo","ecosystem":"Red Hat:ceph_storage:3::el7","purl":"pkg:rpm/redhat/tcmu-runner-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.0-3.el7cp"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:1518.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}]}