DescriptionIt was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
|National Vulnerability Database||SUSE|
|Attack Vector||Network||Adjacent Network|
SUSE Security Advisories:
- openSUSE-SU-2020:0079-1, published Mon, 20 Jan 2020 06:11:03 +0100 (CET)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Leap 15.1|| ||Patchnames: |
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA glusterfs-9.1-1.3
SUSE Timeline for this CVECVE page created: Thu Aug 23 13:45:27 2018
CVE page last modified: Wed Oct 26 21:19:12 2022