CVE-2023-26253

Опубликовано: 21 фев. 2023

Источник: redhat

CVSS3: 7.5

Описание

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

A flaw was found in Gluster, where GlusterFS is vulnerable to a denial of service caused by a stack-based buffer over-read flaw in xlators/mount/fuse/src/fuse-bridge.c. A remote attacker can cause the application to crash by sending a specially-crafted request.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	glusterfs	Not affected
Red Hat Enterprise Linux 7	glusterfs	Not affected
Red Hat Enterprise Linux 8	glusterfs	Not affected
Red Hat Enterprise Linux 9	glusterfs	Not affected
Red Hat Storage 3	glusterfs	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121->CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=2173923glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c

7.5 High

CVSS3

Связанные уязвимости

CVE-2023-26253

CVSS3: 7.5

ubuntu

почти 3 года назад

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

CVE-2023-26253

CVSS3: 7.5

nvd

почти 3 года назад

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

CVE-2023-26253

CVSS3: 7.5

msrc

больше 1 года назад

Описание отсутствует

CVE-2023-26253

CVSS3: 7.5

debian

почти 3 года назад

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bri ...

GHSA-696f-v7g7-q758

CVSS3: 9.1

github

почти 3 года назад

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

7.5 High

CVSS3