update 0010-fix-CVE-2022-3650.patch.

Signed-off-by: wangzengliang <wangzengliang2@huawei.com> (cherry picked from commit 67b668d6a1342e2ad0df4e9e3b3d08e34c2daac7)
2022-12-06 04:04:03 +00:00 · 2022-12-06 04:04:03 +00:00 · 7b44f5d737
commit 7b44f5d737
parent 4bcd422c7b
1 changed files with 7 additions and 0 deletions
--- a/0010-fix-CVE-2022-3650.patch
+++ b/0010-fix-CVE-2022-3650.patch
@ -2,7 +2,14 @@ From f4035e49ee4745cd384d48a2334be793ce8df461 Mon Sep 17 00:00:00 2001
 From: wangzengliang1 <wangzengliang1@huawei.com>
 Date: Mon, 5 Dec 2022 15:10:45 +0800
 Subject: [PATCH] fix
+ceph-crash: drop privleges to run as "ceph" user, rather than root
+If privileges cannot be dropped, log an error and exit.  This commit
+also catches and logs exceptions when scraping the crash path, without
+which ceph-crash would just exit if it encountered an error.

+Fixes: CVE-2022-3650
+Fixes: https://tracker.ceph.com/issues/57967
+Signed-off-by: Tim Serong <tserong@suse.com>
 ---
 src/ceph-crash.in | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)