Wind River Support Network

HomeDefectsLIN10-4982
Fixed

LIN10-4982 : Security Advisory - glusterfs - CVE-2018-14660

Created: Nov 15, 2018    Updated: Feb 2, 2019
Resolved Date: Nov 22, 2018
Found In Version: 10.17.41.1
Fix Version: 10.17.41.13
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.

https://nvd.nist.gov/vuln/detail/CVE-2018-14660

Other Downloads


CVEs


Live chat
Online