Ceph is a distributed network file system designed to provide excellent performance, reliability, and scalability.
A vulnerability has been discovered in Ceph. Please review the CVE identifier referenced below for details.
The ceph-crash.service runs the ceph-crash Python script as root. The script is operating in the directory /var/lib/ceph/crash which is controlled by the unprivileged ceph user (ceph:ceph mode 0750). The script periodically scans for new crash directories and forwards the content via `ceph crash post`.
There is no known workaround at this time.
All Ceph users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-cluster/ceph-17.2.6"