CephFS Permissie Escalatie Vulnerabiliteit in Ceph Fuse gemonteerde FS
Platform
linux
Component
ceph
Opgelost in
17.2.8
18.2.2
19.0.1
CVE-2025-52555 is a privilege escalation vulnerability discovered in Ceph, a distributed storage platform. This flaw allows an unprivileged user to escalate their privileges to root within a CephFS environment mounted via ceph-fuse. The vulnerability impacts Ceph versions 17.2.1 through 19.2.2 and is addressed in versions 17.2.8, 18.2.5, and 19.2.3.
Impact en Aanvalsscenarioswordt vertaald…
The impact of CVE-2025-52555 is significant due to the potential for complete system compromise. An attacker exploiting this vulnerability can gain root access on the host running the ceph-fuse client. This allows them to read, write, and execute arbitrary code, effectively taking control of the system. The vulnerability arises from a misconfiguration where an unprivileged user can modify the permissions of directories owned by root within a mounted CephFS. By changing the permissions to 777, the attacker bypasses normal access controls and gains unrestricted access. This could lead to data breaches, system disruption, and further lateral movement within the network.
Uitbuitingscontextwordt vertaald…
While no public exploits are currently known, the vulnerability's ease of exploitation raises concerns. The vulnerability is not listed on the CISA KEV catalog as of this writing. Public proof-of-concept code is not yet available, but the simplicity of the attack suggests it could be developed quickly. The potential for widespread impact, given the prevalence of Ceph in enterprise environments, warrants careful attention.
Wie Loopt Risicowordt vertaald…
Organizations heavily reliant on Ceph for storage, particularly those with environments where unprivileged users have access to ceph-fuse mounted file systems, are at risk. Shared hosting environments and deployments with overly permissive file permissions are especially vulnerable.
Detectiestappenwordt vertaald…
• linux / server:
journalctl -u ceph-fuse -g 'chmod 777' | grep -i 'permission granted'• linux / server:
find /mnt/cephfs -type d -user root -perm 777• linux / server:
ps aux | grep ceph-fuse | grep -i 'chmod 777'Aanvalstijdlijn
- Disclosure
Public Disclosure
Dreigingsinformatie
Exploit Status
EPSS
0.03% (7% percentiel)
CISA SSVC
CVSS-vector
Wat betekenen deze metrics?
- Attack Vector
- Aangrenzend — netwerknabijheid vereist: zelfde LAN, Bluetooth of lokaal draadloos segment.
- Attack Complexity
- Hoog — vereist een race condition, niet-standaard configuratie of specifieke omstandigheden.
- Privileges Required
- Laag — elk geldig gebruikersaccount is voldoende.
- User Interaction
- Geen — automatische en stille aanval. Slachtoffer doet niets.
- Scope
- Gewijzigd — aanval kan voorbij het kwetsbare component uitbreiden naar andere systemen.
- Confidentiality
- Hoog — volledig verlies van vertrouwelijkheid. Aanvaller kan alle gegevens lezen.
- Integrity
- Laag — aanvaller kan enkele gegevens met beperkte omvang aanpassen.
- Availability
- Geen — geen beschikbaarheidsimpact.
Getroffen Software
Zwakheidsclassificatie (CWE)
Tijdlijn
- Gereserveerd
- Gepubliceerd
- Gewijzigd
- EPSS bijgewerkt
Mitigatie en Workaroundswordt vertaald…
The primary mitigation for CVE-2025-52555 is to upgrade Ceph to a patched version: 17.2.8, 18.2.5, or 19.2.3. If an immediate upgrade is not possible, a temporary workaround is to restrict the ability of unprivileged users to modify file permissions within the ceph-fuse mounted directories. This can be achieved through access control lists (ACLs) or other permission management tools. Additionally, monitor ceph-fuse processes for unusual activity and implement intrusion detection systems (IDS) to detect attempts to modify file permissions. After upgrading, verify the fix by attempting to chmod a root-owned directory to 777 and confirming that the operation is denied.
Hoe te verhelpenwordt vertaald…
Actualice Ceph a las versiones 17.2.8, 18.2.5 o 19.2.3, o a una versión posterior. Esto corrige la vulnerabilidad de escalada de privilegios en CephFS montado con Fuse. La actualización evitará que usuarios sin privilegios escalen a privilegios de root.
CVE Beveiligingsnieuwsbrief
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
Veelgestelde vragenwordt vertaald…
What is CVE-2025-52555 — Privilege Escalation in Ceph?
CVE-2025-52555 is a medium severity vulnerability in Ceph versions 17.2.1–19.2.2 that allows unprivileged users to gain root access by manipulating file permissions.
Am I affected by CVE-2025-52555 in Ceph?
You are affected if you are running Ceph versions 17.2.1 through 19.2.2 and have not upgraded to a patched version (17.2.8, 18.2.5, or 19.2.3).
How do I fix CVE-2025-52555 in Ceph?
Upgrade Ceph to version 17.2.8, 18.2.5, or 19.2.3. As a temporary workaround, restrict unprivileged user permissions on ceph-fuse mounted directories.
Is CVE-2025-52555 being actively exploited?
No active exploitation has been confirmed, but the vulnerability's simplicity suggests potential for exploitation.
Where can I find the official Ceph advisory for CVE-2025-52555?
Refer to the Ceph security advisory for detailed information and updates: [https://docs.ceph.com/en/latest/security/](https://docs.ceph.com/en/latest/security/)
Is jouw project getroffen?
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.