It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gluster glusterfs |
||
redhat virtualization host 4.0 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux server 7.0 |
||
opensuse leap 15.1 |