6 matches found
CVE-2018-14660
A flaw was found in glusterfs server which allowed repeated usage of GFMETALOCKKEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node...
GLSA-201904-06 : GlusterFS: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201904-06 GlusterFS: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GlusterFS. Please review the referenced CVE identifiers for details. Impact : Please review the referenced CVE identifiers for details...
Fedora 29 : glusterfs (2018-986f0b7fb0)
5.1 GA , security fixes for: CVE-2018-14651 CVE-2018-14652 CVE-2018-14653 CVE-2018-14654 CVE-2018-14659 CVE-2018-14660 CVE-2018-14661 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
RHEL 7 : Red Hat Virtualization (RHSA-2018:3470)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3470 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
CVE-2018-14660
CVE-2018-14660 : A flaw in GlusterFS server (versions up to 4.1.4 and 3.1.2) lets a remote, authenticated attacker repeatedly call setxattr on GF_META_LOCK_KEY to create multiple locks for a single inode, leading to memory exhaustion on the GlusterFS server node. Connected documents confirm Glust...
RHEL 7 : glusterfs (RHSA-2018:3432)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3432 advisory. - glusterfs: glusterfs server exploitable via symlinks to relative paths CVE-2018-14651 - glusterfs: Buffer overflow in features/locks...