CVE-2018-14653

Summary

The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. A remote authenticated attacker could exploit this to cause a denial of service or other potential unspecified impact.

Affected Software

VendorProductVersion RangeStatus
The Gluster Projectglusterfsthrough 3.12 and 4.1.4affected

Weaknesses

  • CWE-122: CWE-122

ADP Enrichment

CVE Program Container

Additional References

References