CVE-2018-10911
Description
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
4.553
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-api-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-api-devel-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-cli-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-client-xlators-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-devel-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-fuse-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-libs-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-rdma-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2607) Red Hat Gluster Storage security, bug fix, and enhancement update python2-gluster-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-api-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-api-devel-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-cli-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-client-xlators-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-devel-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-fuse-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-libs-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:2608) Red Hat Gluster Storage security, bug fix, and enhancement update glusterfs-rdma-3.12.2-18.el6.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-api-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-api-devel-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-cli-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-client-xlators-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-debuginfo-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-devel-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-fuse-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-libs-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update glusterfs-rdma-3.12.2-18.el7.x86_64.rpm | Linux |
| (RHSA-2018:3242)Moderate: security, bug fix, and enhancement update python2-gluster-3.12.2-18.el7.x86_64.rpm | Linux |
| CVE-2018-10911 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234