glusterfs is vulnerable to privilege escalation. It was found that glusterfs-server RPM package would write file with predictable name into world readable /tmp directory. A local attacker could potentially use this flaw to escalate their privileges to root by modifying the shell script during the installation of the glusterfs-server package.
rhn.redhat.com/errata/RHSA-2017-0484.html
rhn.redhat.com/errata/RHSA-2017-0486.html
www.securityfocus.com/bid/99311
www.securitytracker.com/id/1038128
access.redhat.com/documentation/en-us/red_hat_gluster_storage/3.2/html/3.2_release_notes/
access.redhat.com/errata/RHSA-2017:0484
access.redhat.com/errata/RHSA-2017:0486
access.redhat.com/security/cve/CVE-2015-1795
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1200927
bugzilla.redhat.com/show_bug.cgi?id=1362373
bugzilla.redhat.com/show_bug.cgi?id=1375059
bugzilla.redhat.com/show_bug.cgi?id=1382319
bugzilla.redhat.com/show_bug.cgi?id=1403587
bugzilla.redhat.com/show_bug.cgi?id=1403919
bugzilla.redhat.com/show_bug.cgi?id=1404551
bugzilla.redhat.com/show_bug.cgi?id=1424944
bugzilla.redhat.com/show_bug.cgi?id=1425748
bugzilla.redhat.com/show_bug.cgi?id=1432972