Design/Logic Flaw

2018-09-0414:29:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.7%

JSON

It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq9.0
glusterfsge3.12.0
glusterfslt3.12.14
glusterfsge4.1.0
glusterfslt4.1.8
leapeq15.1
enterprise_linux_servereq7.0
enterprise_linux_servereq6.0
virtualization_hosteq4.0

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	9.0
glusterfs	ge	3.12.0
glusterfs	lt	3.12.14
glusterfs	ge	4.1.0
glusterfs	lt	4.1.8
leap	eq	15.1
enterprise_linux_server	eq	7.0
enterprise_linux_server	eq	6.0
virtualization_host	eq	4.0