CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-14660 – glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion
https://notcve.org/view.php?id=CVE-2018-14660
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node. Se ha encontrado un error en el servidor glusterfs hasta las versiones 4.1.4 y 3.1.2 que permitía el uso repetido del xattr GF_META_LOCK_KEY. Un atacante autenticado remoto podría emplear este error para crear múltiples bloqueos para un único inode mediante el uso repetido de setxattr, lo que resulta en el agotamiento de la memoria del nodo del servidor glusterfs. A flaw was found in glusterfs server which allowed repeated usage of GF_META_LOCK_KEY xattr. • https://access.redhat.com/errata/RHSA-2018:3431 https://access.redhat.com/errata/RHSA-2018:3432 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14660 https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://security.gentoo.org/glsa/201904-06 https://access.redhat.com/security/cve/CVE-2018-14660 https://bugzilla.redhat.com/show_bug.cgi?id=1635926 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-10841 – glusterfs: access trusted peer group via remote-host command
https://notcve.org/view.php?id=CVE-2018-10841
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes. glusterfs es vulnerable a un escalado de privilegios en los nodos del servidor gluster. Un cliente gluster autenticado mediante TLS podría emplear la interfaz de línea de comandos de gluster con el comando --remote-host para añadirse a sí mismo al pool de almacenamiento fiable y realizar operaciones gluster privilegiadas, como la adición de otras máquinas al pool de almacenamiento fiable, iniciar, detener y eliminar volúmenes. A flaw was found in glusterfs which can lead to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes. • https://access.redhat.com/errata/RHSA-2018:1954 https://access.redhat.com/errata/RHSA-2018:1955 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10841 https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html https://review.gluster.org/#/c/20328 https://security.gentoo.org/glsa/201904-06 https://access.redhat.com/security/cve/CVE-2018-10841 https://bugzilla.redhat.com/show_bug.cgi?id=1582043 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1112 – glusterfs: auth.allow allows unauthenticated clients to mount gluster volumes (CVE-2018-1088 regression)
https://notcve.org/view.php?id=CVE-2018-1112
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression. El servidor glusterfs 3.10.12 y 4.0.2 es vulnerable cuando se emplea la opción "auth.allow", que permite que cualquier cliente de gluster no autenticado se conecte desde cualquier red para montar volúmenes de almacenamiento de gluster. NOTA: esta vulnerabilidad existe debido a una regresión de CVE-2018-1088 It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster client could mount gluster storage volumes. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html https://access.redhat.com/articles/3422521 https://access.redhat.com/errata/RHSA-2018:1268 https://access.redhat.com/errata/RHSA-2018:1269 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1112 https://review.gluster.org/#/c/19899/1..2 https://access.redhat.com/security/cve/CVE-2018-1112 https://bugzilla.redhat.com/show_bug.cgi?id=1570891 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15096
https://notcve.org/view.php?id=CVE-2017-15096
A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. Se ha encontrado un fallo en versiones anteriores a la 3.10 de GlusterFS. Una desreferencia de puntero NULL en la función send_brick_req en glusterfsd/src/gf_attach.c podría emplearse para provocar una denegación de servicio (DoS). • https://bugzilla.redhat.com/show_bug.cgi?id=1504255 • CWE-476: NULL Pointer Dereference •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4417 – GlusterFS: insecure temporary file creation
https://notcve.org/view.php?id=CVE-2012-4417
GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. GlusterFS v3.3.0, como se usa en Red Hat Storage v2.0, permite a usuarios locales sobreescribir archivos arbitrarios mediante un ataque de enlaces simbólicos en los archivos temporales con nombres predecibles. • http://rhn.redhat.com/errata/RHSA-2012-1456.html http://www.securityfocus.com/bid/56522 http://www.securitytracker.com/id?1027756 https://bugzilla.redhat.com/show_bug.cgi?id=856341 https://exchange.xforce.ibmcloud.com/vulnerabilities/80074 https://access.redhat.com/security/cve/CVE-2012-4417 • CWE-264: Permissions, Privileges, and Access Controls CWE-377: Insecure Temporary File •