Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-48340HistoryFeb 21, 2023 - 2:15 a.m.
CVE-2022-48340
2023-02-2102:15:10
Debian Security Bug Tracker
security-tracker.debian.org
13
cve-2022-48340
glusterfs
use-after-free
vulnerability
dht_setxattr_mds_cbk
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
31.0%
In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use-after-free.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | glusterfs | <= 10.3-5 | glusterfs_10.3-5_all.deb |
| Debian | 11 | all | glusterfs | <= 9.2-1 | glusterfs_9.2-1_all.deb |
| Debian | 999 | all | glusterfs | < 11.1-1 | glusterfs_11.1-1_all.deb |
| Debian | 13 | all | glusterfs | < 11.1-1 | glusterfs_11.1-1_all.deb |
Related
nessus
nessus
RHEL 7 : glusterfs (Unpatched Vulnerability)
2024-05-11 00:00:00
EulerOS 2.0 SP10 : glusterfs (EulerOS-SA-2024-1566)
2024-05-09 00:00:00
EulerOS 2.0 SP11 : glusterfs (EulerOS-SA-2024-1833)
2024-06-25 00:00:00
ubuntucve
ubuntucve
CVE-2022-48340
2023-02-21 00:00:00
prion
prion
Double free
2023-02-21 02:15:00
openvas
openvas
Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1812)
2024-06-25 00:00:00
Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1566)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1588)
2024-05-10 00:00:00
osv
osv
CVE-2022-48340
2023-02-21 02:15:10
glusterfs vulnerability
2023-11-22 16:12:50
nvd
nvd
CVE-2022-48340
2023-02-21 02:15:10
cve
cve
CVE-2022-48340
2023-02-21 02:15:10
ubuntu
ubuntu
GlusterFS vulnerability
2023-11-22 00:00:00
redhatcve
redhatcve
CVE-2022-48340
2023-02-28 12:59:53
cvelist
cvelist
CVE-2022-48340
2023-02-21 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: glusterfs-10.4-1.fc37
2023-04-12 01:34:55
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
31.0%
Related for DEBIANCVE:CVE-2022-48340