What the vulnerability does

01Description

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

Key dates

02Disclosure timeline

August 25, 2022 CVE published
November 3, 2025 Record updated