Wind River Support Network

HomeDefectsLIN1018-2941
Fixed

LIN1018-2941 : Security Advisory - glusterfs - CVE-2018-14660

Created: Nov 15, 2018    Updated: Sep 13, 2022
Resolved Date: Jan 28, 2019
Found In Version: unknown
Fix Version: 10.18.44.4
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.

https://nvd.nist.gov/vuln/detail/CVE-2018-14660

CVEs


Live chat
Online