PT-2021-8111 · Red Hat+5 · Red Hat Ceph Storage+5

Sage Mctaggart

Published

2021-11-19

Updated

2025-09-25

CVE-2021-3979

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Ceph Storage (affected versions not specified)

Description A key length flaw was found in the encryption algorithm of Red Hat Ceph Storage. This flaw allows an attacker to create a non-random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks. The vulnerability is related to the incorrect passing of the key length in the encryption algorithm. An attacker can exploit this flaw to gain access to confidential data and compromise their integrity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of a Broken Cryptographic Algorithm

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327CWE-287

Related Identifiers

BDU:2024-07305

CVE-2021-3979

DLA-3629-1

DLA-4310-1

MGASA-2022-0138

OESA-2022-1528

OPENSUSE-SU-2022_2818-1

OPENSUSE-SU-2022_4501-1

OPENSUSE-SU-2024:12195-1

RHSA-2022:1174

RHSA-2022:1716

SUSE-SU-2022:2817-1

SUSE-SU-2022:2818-1

SUSE-SU-2022:4501-1

SUSE-SU-2022_2818-1

SUSE-SU-2022_4501-1

USN-6063-1

Affected Products

Astra Linux

Debian

Linuxmint

Red Hat Ceph Storage

Suse

Ubuntu

PT-2021-8111 · Red Hat+5 · Red Hat Ceph Storage+5

CVE-2021-3979

Weakness Enumeration

Related Identifiers

Affected Products

References · 57