CVE-2018-14652

Summary

The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service.

Affected Software

VendorProductVersion RangeStatus
The Gluster Projectglusterfsthrough 3.12 and 4.1.4affected

Weaknesses

  • CWE-120: CWE-120

ADP Enrichment

CVE Program Container

Additional References

References