CVE-2019-10222 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	An improper exception condition handling in Ceph allows to any single unauthenticated client to crash RGW component of Ceph by sending a special crafted HTTP request which lead to denial of service. The vulnerability affects the RGW component of Ceph, specifically the ceph-radosgw.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1029	ceph	14.2.1-3	14.2.6-1	Medium	Fixed

References
https://marc.info/?l=oss-security&m=156701115910378 https://github.com/ceph/ceph/pull/29967 https://github.com/ceph/ceph/commit/29753dd3ca71bba8713fcf7a09c4bb51629a6f63

Notes
Fixed in 14.2.3.