CVE-2018-10930 – glusterfs: Files can be renamed outside volume
https://notcve.org/view.php?id=CVE-2018-10930
A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. Se ha detectado un error en las peticiones RPC que emplean gfs3_rename_req en el servidor glusterfs. Un atacante autenticado podría emplear este error para escribir a un destino fuera del volumen gluster. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10930 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://review.gluster.org/#/c/glusterfs/+/21068 https:/ • CWE-20: Improper Input Validation •
CVE-2018-10923 – glusterfs: I/O to arbitrary devices on storage server
https://notcve.org/view.php?id=CVE-2018-10923
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node. Se ha detectado que la llamada "mknod" derivada de mknod(2) puede crear archivos que señalan a dispositivos en un nodo del servidor glusterfs. Un atacante autenticado podría emplearlo para crear un dispositivo arbitrario y leer datos desde cualquier dispositivo conectado al nodo del servidor glusterfs. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10923 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://security.gentoo.org/glsa/201904-06 https://access.redhat.c • CWE-20: Improper Input Validation •
CVE-2018-10927 – glusterfs: File status information leak and denial of service
https://notcve.org/view.php?id=CVE-2018-10927
A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. Se ha detectado un error en las peticiones RPC que emplean gfs3_lookup_req en el servidor glusterfs. Un atacante autenticado podría emplear este error para filtrar información y ejecutar una denegación de servicio (DoS) remota provocando el cierre inesperado del proceso brick de gluster. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10927 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://security.gentoo.org/glsa/201904-06 https://access.redhat.c • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-10904 – glusterfs: Unsanitized file names in debug/io-stats translator can allow remote attackers to execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-10904
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. Se ha detectado que el servidor glusterfs no sanea correctamente las rutas de archivo en el atributo extendido "trusted.io-stats-dump", empleado por el traductor "debug/io-stats". Los atacantes pueden emplear este error para crear archivos y ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10904 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://review.gluster.org/#/c/glusterfs/+/21072 https:/ • CWE-426: Untrusted Search Path •
CVE-2018-10911 – glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
https://notcve.org/view.php?id=CVE-2018-10911
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. Se ha detectado un error en la forma en la que la función dic_unserialize en glusterfs no gestiona los valores de longitud de clave negativos. Un atacante podría utilizar este error para leer la memoria de otras ubicaciones en el valor dict almacenado. A flaw was found in dict.c:dict_unserialize function of glusterfs, dic_unserialize function does not handle negative key length values. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/errata/RHSA-2018:2607 https://access.redhat.com/errata/RHSA-2018:2608 https://access.redhat.com/errata/RHSA-2018:2892 https://access.redhat.com/errata/RHSA-2018:3242 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10911 https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html https://lists.debian.org/debian-lts • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •