The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat gluster storage |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux virtualization 4.0 |
||
redhat enterprise virtualization host 4.0 |