Lucene search

K

GoogleOSV:CVE-2018-10914

HistorySep 04, 2018 - 2:29 p.m.

CVE-2018-10914

2018-09-0414:29:00

Google

osv.dev

4

6.6 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.7%

It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes.

CPENameOperatorVersion
glusterfseq4.1.4
glusterfseq4.1.2
glusterfseq4.1.1
glusterfseq4.1.3
glusterfseq4.1.7
glusterfseq4.1.5
glusterfseq4.1.6
glusterfseq4.1.0

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html

access.redhat.com/errata/RHSA-2018:2607

access.redhat.com/errata/RHSA-2018:2608

access.redhat.com/errata/RHSA-2018:3470

bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10914

lists.debian.org/debian-lts-announce/2018/09/msg00021.html

lists.debian.org/debian-lts-announce/2021/11/msg00000.html

security.gentoo.org/glsa/201904-06

6.6 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.7%

Related for OSV:CVE-2018-10914

cve1 redhatcve1 prion1 cvelist1 veracode1 nvd1 ubuntucve1 debiancve1 nessus18 openvas12 centos1 fedora3 osv3 redhat3 ibm1 debian2 suse1 gentoo1 ubuntu1