### [CVE-2021-3979](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3979)
![](https://img.shields.io/static/v1?label=Product&message=ceph&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Not-Known%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-327%20-%20Use%20of%20a%20Broken%20or%20Risky%20Cryptographic%20Algorithm&color=brightgreen)

### Description

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security