CVE-2018-10926 – glusterfs: Device files can be created in arbitrary locations
https://notcve.org/view.php?id=CVE-2018-10926
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. Se ha detectado un error en las peticiones RPC que emplean gfs3_mknod_req soportadas por el servidor glusterfs. Un atacante autenticado podría emplear este error para escribir archivos en una ubicación arbitraria mediante un salto de directorio y ejecutar código arbitrario en un nodo del servidor glusterfs. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10926 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://security.gentoo.org/glsa/201904-06 https://access.redhat.c • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-10928 – glusterfs: Improper resolution of symlinks allows for privilege escalation
https://notcve.org/view.php?id=CVE-2018-10928
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. Se ha detectado un error en las peticiones RPC que emplean gfs3_symlink_req en el servidor glusterfs, lo que permite que los destinos symlink señalen a rutas de archivo fuera del volumen gluster. Un atacante autenticado podría emplear este error para crear symlinks arbitrarios que señalen a cualquier lugar del servidor y ejecutar código arbitrario en un nodo del servidor glusterfs. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://security.gentoo.org/glsa/201904-06 https://access.redhat.c • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2018-10913 – glusterfs: Information Exposure in posix_get_file_contents function in posix-helpers.c
https://notcve.org/view.php?id=CVE-2018-10913
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. Se ha descubierto una vulnerabilidad de divulgación de información en el servidor glusterfs. Un atacante podría lanzar una petición xattr mediante glusterfs FUSE para determinar la existencia de algún archivo. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10913 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://review.gluster.org/#/c/glusterfs/+/21071 https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •
CVE-2018-10929 – glusterfs: Arbitrary file creation on storage server allows for execution of arbitrary code
https://notcve.org/view.php?id=CVE-2018-10929
A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. Se ha detectado un error en las peticiones RPC que emplean gfs2_create_req en el servidor glusterfs. Un atacante autenticado podría emplear este error para crear archivos arbitrarios y ejecutar código arbitrario en un nodo del servidor glusterfs. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html http://www.securityfocus.com/bid/107577 https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10929 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://security.gentoo.org • CWE-20: Improper Input Validation •
CVE-2018-10907 – glusterfs: Stack-based buffer overflow in server-rpc-fops.c allows remote attackers to execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-10907
It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution. Se ha detectado que el servidor glusterfs es vulnerable a múltiples desbordamientos de búfer basados en pila debido a que las funciones en server-rpc-fopc.c asignan búfers de tamaño fijo mediante "alloca(3)". Un atacante autenticado podría explotar esto montando un volumen gluster y enviando una cadena más grande que el tamaño fijo de búfer para provocar su cierre inesperado o la potencial ejecución de código. It was found that glusterfs server is vulnerable to mulitple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10907 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://review.gluster.org/#/c/glusterfs/+/21070 https:/ • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •