Source: ceph
Version: 18.2.6-1
Severity: serious
Tags: security
Forwarded: https://github.com/ceph/ceph/pull/64356
X-Debbugs-Cc: Debian Security Team <[email protected]>

  Prior to fb1b72d, unprivileged users could add mode bits as long as S_ISUID 
and S_ISGID were not included in the change.

  After fb1b72d, unprivileged users were allowed to modify S_ISUID and S_ISGID 
bits only when no other mode bits were changed in the same operation. This 
inadvertently permitted unprivileged users to set S_ISUID and/or S_ISGID bits 
when they were the sole bits being modified.

  This behavior should not be allowed. Unprivileged users should be prohibited 
from setting S_ISUID and/or S_ISGID bits under any circumstances.
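
The three checks described in this report, modelled on the changed mode bits; this is an added example, not Ceph's code. The function names are hypothetical, and two readings are assumptions: that changes not touching S_ISUID/S_ISGID stayed allowed after fb1b72d, and that the requested behaviour still lets a setid bit be cleared.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

#define SETID_BITS ((mode_t)(S_ISUID | S_ISGID))
#define MODE_MASK  ((mode_t)07777)

/* Before fb1b72d: any change is accepted unless it touches a setid bit. */
static bool allowed_before(mode_t old_mode, mode_t new_mode)
{
    mode_t changed = (old_mode ^ new_mode) & MODE_MASK;
    return (changed & SETID_BITS) == 0;
}

/* After fb1b72d: setid changes also pass when they are the sole bits changed. */
static bool allowed_after(mode_t old_mode, mode_t new_mode)
{
    mode_t changed = (old_mode ^ new_mode) & MODE_MASK;
    if ((changed & SETID_BITS) == 0)
        return true;                       /* assumption: unchanged from before */
    return (changed & ~SETID_BITS) == 0;   /* the case the report objects to */
}

/* Requested: an unprivileged caller can never turn a setid bit on. */
static bool allowed_requested(mode_t old_mode, mode_t new_mode)
{
    mode_t newly_set = new_mode & ~old_mode & MODE_MASK;
    return (newly_set & SETID_BITS) == 0;  /* assumption: clearing is still fine */
}

int main(void)
{
    /* Constructed sample transitions (old mode -> new mode). */
    const mode_t cases[][2] = {
        {0644, 0755}, {0755, 04755}, {0755, 02755}, {0644, 04755}, {04755, 0755},
    };
    puts("old   -> new    before after requested");
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        mode_t o = cases[i][0], n = cases[i][1];
        printf("%05o -> %05o  %-6d %-5d %d\n", (unsigned)o, (unsigned)n,
               allowed_before(o, n), allowed_after(o, n), allowed_requested(o, n));
    }
    return 0;
}
```

The rows for 0755 to 04755 and 0755 to 02755 are the regression: rejected before, accepted after, and rejected again under the requested rule.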
