oss-sec mailing list archives
CVE-2024-47866 Ceph: RGW DoS via improper input validation.
From: "Sage [They / Them] McTaggart" <amctagga () redhat com>
Date: Tue, 11 Nov 2025 09:49:19 -0500
Hello all,

A flaw was found in Ceph's RGW module. An attacker can use improper input validation to create a Denial Of Service within RGW. By using the argument `x-amz-copy-source` to put an object and specifying an empty string as its content, it will lead to the RGW daemon crashing, resulting in a DoS attack.

Our public advisory may be found at the following URL: https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8

We have assigned it a CVE of CVE-2024-47866 with a CVSS Score of 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

It is fixed in an upstream PR[1] and will be backported promptly to other releases. In downstream Ceph, it will be patched in Ceph 8.1z4 [2] set to be released this week.

[1] https://github.com/ceph/ceph/pull/65159
[2] https://www.ibm.com/docs/en/storage-ceph/8.1.0?topic=release-notes-81

Credits to: Ying Wang for discovery.

Sage McTaggart
IBM Product Security
amct () redhat com
sagemct () ibm com
Pronouns: They/Them/Theirs
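As an added illustration, not Ceph's own code or the upstream fix, here is a standalone C++ check of the kind a gateway can apply to `x-amz-copy-source` before any copy logic runs: it rejects the empty value described above together with other forms that omit a bucket or key, so the request can be answered with a 400 instead of reaching code that assumes both exist. The `bucket/key[?versionId=...]` shape and the tolerance of a leading `/` are assumptions about S3 client behaviour, not details taken from the advisory.

```cpp
#include <string>
#include <cstddef>

// Parsed form of an x-amz-copy-source header value.
struct CopySource {
    std::string bucket;
    std::string key;
    std::string version_id; // empty when no versionId query parameter was given
};

// Parse "bucket/key[?versionId=...]" (a leading '/' is tolerated because S3
// clients commonly send "/bucket/key"; this shape is an assumption, not Ceph's
// parser). Returns false for any value that is empty or does not name both a
// bucket and an object key, so the caller can reject it up front.
// Note: the key is left URL-encoded; decoding is the caller's job.
bool parse_copy_source(const std::string& raw, CopySource& out) {
    if (raw.empty()) return false;               // the empty-header case from the advisory
    std::string path = raw;
    std::string version;
    std::size_t q = path.find('?');
    if (q != std::string::npos) {
        std::string query = path.substr(q + 1);
        path.erase(q);
        const std::string prefix = "versionId=";
        // Only a non-empty versionId parameter is accepted after '?'.
        if (query.compare(0, prefix.size(), prefix) != 0 || query.size() == prefix.size())
            return false;
        version = query.substr(prefix.size());
    }
    if (!path.empty() && path[0] == '/') path.erase(0, 1);
    std::size_t slash = path.find('/');
    // Need a non-empty bucket before the slash and a non-empty key after it.
    if (slash == std::string::npos || slash == 0 || slash + 1 >= path.size())
        return false;
    out.bucket = path.substr(0, slash);
    out.key = path.substr(slash + 1);
    out.version_id = version;
    return true;
}

// True when the header value is well-formed enough to hand to the copy path.
bool copy_source_is_valid(const std::string& raw) {
    CopySource unused;
    return parse_copy_source(raw, unused);
}
```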