Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-14660

Опубликовано: 01 нояб. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4
CVSS3: 6.5

Описание

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

4.1.4-1
disco

not-affected

4.1.4-1
eoan

not-affected

4.1.4-1
esm-apps/bionic

released

3.13.2-1ubuntu1+esm1
esm-apps/focal

not-affected

4.1.4-1
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
focal

not-affected

4.1.4-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%
0.01601
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-14660

CVSS3: 6.5
redhat
больше 7 лет назад

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.

nvd логотип

CVE-2018-14660

CVSS3: 6.5
nvd
больше 7 лет назад

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.

debian логотип

CVE-2018-14660

CVSS3: 6.5
debian
больше 7 лет назад

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...

github логотип

GHSA-p6w5-mv25-26mv

CVSS3: 6.5
github
больше 3 лет назад

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.

fstec логотип

BDU:2023-05467

CVSS3: 6.5
fstec
больше 7 лет назад

Уязвимость файловой системы GlusterFS, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 81%
0.01601
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3