QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3979

Published: Aug 25, 2022

Modified: Nov 3, 2025

PUBLISHED

Description

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

Vendor	Product	Versions
n/a	ceph	affected `Not-Known`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2024788

https://access.redhat.com/security/cve/CVE-2021-3979

https://tracker.ceph.com/issues/54006

https://github.com/ceph/ceph/pull/44765

https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656

FEDORA-2022-d832fd2f45

vendor-advisory

https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.