CVE-2018-10907 -- glusterfs-commonID: oval:org.secpod.oval:def:1901584 | Date: (C)2019-05-30 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
It was found that glusterfs-common server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using "alloca". An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.10 |
Ubuntu 14.04 |
Ubuntu 18.04 |