Wind River Support Network

HomeDefectsLIN8-9778

Fixed

LIN8-9778 : Security Advisory - glusterfs - CVE-2018-10923

Created: Sep 17, 2018 Updated: Dec 21, 2018

Resolved Date: Oct 9, 2018

Found In Version: 8.0.0.27

Fix Version: 8.0.0.28

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

It was found that the mknod call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.

https://nvd.nist.gov/vuln/detail/CVE-2018-10923

Other Downloads

Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2018-10923