Package: glusterfs
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for glusterfs.

CVE-2018-14651[0]:
| It was found that the fix for CVE-2018-10927, CVE-2018-10928,
| CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A
| remote, authenticated attacker could use one of these flaws to execute
| arbitrary code, create arbitrary files, or cause denial of service on
| glusterfs server nodes via symlinks to relative paths.

CVE-2018-14652[1]:
| The Gluster file system through versions 3.12 and 4.1.4 is vulnerable
| to a buffer overflow in the 'features/index' translator via the code
| handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function.
| A remote authenticated attacker could exploit this on a mounted volume
| to cause a denial of service.

CVE-2018-14653[2]:
| The Gluster file system through versions 4.1.4 and 3.12 is vulnerable
| to a heap-based buffer overflow in the '__server_getspec' function via
| the 'gf_getspec_req' RPC message. A remote authenticated attacker
| could exploit this to cause a denial of service or other potential
| unspecified impact.

CVE-2018-14654[3]:
| The Gluster file system through version 4.1.4 is vulnerable to abuse
| of the 'features/index' translator. A remote attacker with access to
| mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY'
| xattrop to create arbitrary, empty files on the target server.

CVE-2018-14659[4]:
| The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable
| to a denial of service attack via use of the
| 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker
| could exploit this by mounting a Gluster volume and repeatedly calling
| 'setxattr(2)' to trigger a state dump and create an arbitrary number
| of files in the server's runtime directory.

CVE-2018-14660[5]:
| A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2
| which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote,
| authenticated attacker could use this flaw to create multiple locks
| for single inode by using setxattr repetitively resulting in memory
| exhaustion of glusterfs server node.

CVE-2018-14661[6]:
| It was found that usage of snprintf function in feature/locks
| translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster
| Storage, was vulnerable to a format string attack. A remote,
| authenticated attacker could use this flaw to cause remote denial of
| service.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-14651
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14651
[1] https://security-tracker.debian.org/tracker/CVE-2018-14652
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14652
[2] https://security-tracker.debian.org/tracker/CVE-2018-14653
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14653
[3] https://security-tracker.debian.org/tracker/CVE-2018-14654
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14654
[4] https://security-tracker.debian.org/tracker/CVE-2018-14659
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14659
[5] https://security-tracker.debian.org/tracker/CVE-2018-14660
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14660
[6] https://security-tracker.debian.org/tracker/CVE-2018-14661
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14661

Please adjust the affected versions in the BTS as needed.

Regards,

Markus