CVE-2018-14661

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service.

References

Affected packages

Git / github.com/gluster/glusterfs

Affected ranges

Type

GIT

Repo

https://github.com/gluster/glusterfs

Events

Introduced

Last affected

266ca69d01c8ee7ca04087ced234cf5e392b754a

Introduced

Last affected

2e1e4168ab6b6b3ebe9e3dfb227fb7631e5c1aa4

Introduced

Last affected

c6d4289dad6622e311c312b609a52106909f7d74

Introduced

Last affected

4a85a221c92f422dedde62832e6cd6e66cae2722

Introduced

Last affected

4a85a221c92f422dedde62832e6cd6e66cae2722

Introduced

Last affected

3fadf5cc41d5ea3195d2228d23e890f27fc22f87

Introduced

Last affected

a92e9e8e8ae6b97db8e0c1fb8268aef734ab48b4

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.8.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        }
    ]
}

Affected versions

2.*

2.0.0

2.0.0rc2

2.0.0rc3

2.0.0rc5

2.0.0rc6

2.0.0rc7

2.0.0rc8

2.0.0rc9

2.0.1

branchpoint-3.*

branchpoint-3.2

v3.*

v3.0.0

v3.0.0pre1

v3.0.1rc1

v3.0.1rc2

v3.0.1rc3

v3.0.1rc4

v3.0.1rc5

v3.1.0

v3.1.0alpha

v3.1.0beta

v3.1.0prealpha1

v3.1.0prealpha2

v3.1.0prealpha3

v3.1.0prealpha4

v3.1.0qa10

v3.1.0qa11

v3.1.0qa12

v3.1.0qa13

v3.1.0qa14

v3.1.0qa15

v3.1.0qa16

v3.1.0qa17

v3.1.0qa18

v3.1.0qa19

v3.1.0qa2

v3.1.0qa20

v3.1.0qa21

v3.1.0qa22

v3.1.0qa23

v3.1.0qa24

v3.1.0qa25

v3.1.0qa26

v3.1.0qa27

v3.1.0qa28

v3.1.0qa29

v3.1.0qa3

v3.1.0qa30

v3.1.0qa31

v3.1.0qa32

v3.1.0qa33

v3.1.0qa34

v3.1.0qa35

v3.1.0qa36

v3.1.0qa37

v3.1.0qa38

v3.1.0qa39

v3.1.0qa4

v3.1.0qa40

v3.1.0qa41

v3.1.0qa42

v3.1.0qa43

v3.1.0qa44

v3.1.0qa45

v3.1.0qa46

v3.1.0qa5

v3.1.0qa6

v3.1.0qa7

v3.1.0qa8

v3.1.0qa9

v3.1.1

v3.1.1qa1

v3.1.1qa10

v3.1.1qa11

v3.1.1qa2

v3.1.1qa3

v3.1.1qa4

v3.1.1qa5

v3.1.1qa6

v3.1.1qa7

v3.1.1qa8

v3.1.1qa9

v3.1.2

v3.1.2gsyncqa4

v3.1.2gsyncqa5

v3.1.2gsyncqa6

v3.1.2qa1

v3.1.2qa2

v3.1.2qa3

v3.1.2qa4

v3.1.3qa1

v3.1.3qa2

v3.1.3qa3

v3.1.3qa4

v3.1.3qa5

v3.10dev

v3.11dev

v3.12dev

v3.2.0

v3.2.0qa10

v3.2.0qa11

v3.2.0qa12

v3.2.0qa13

v3.2.0qa14

v3.2.0qa15

v3.2.0qa16

v3.2.0qa4

v3.2.0qa5

v3.2.0qa6

v3.2.0qa7

v3.2.0qa8

v3.2.0qa9

v3.3.0beta3

v3.3.0qa1

v3.3.0qa10

v3.3.0qa11

v3.3.0qa12

v3.3.0qa13

v3.3.0qa14

v3.3.0qa15

v3.3.0qa16

v3.3.0qa17

v3.3.0qa18

v3.3.0qa19

v3.3.0qa2

v3.3.0qa20

v3.3.0qa21

v3.3.0qa22

v3.3.0qa23

v3.3.0qa24

v3.3.0qa26

v3.3.0qa27

v3.3.0qa28

v3.3.0qa29

v3.3.0qa3

v3.3.0qa30

v3.3.0qa31

v3.3.0qa32

v3.3.0qa33

v3.3.0qa34

v3.3.0qa35

v3.3.0qa36

v3.3.0qa37

v3.3.0qa38

v3.3.0qa39

v3.3.0qa4

v3.3.0qa5

v3.3.0qa6

v3.3.0qa7

v3.3.0qa8

v3.3.0qa9

v3.3beta2

v3.4.0alpha

v3.4.0qa3

v3.4.0qa4

v3.4.0qa5

v3.4.0qa6

v3.4.0qa7

v3.4.0qa8

v3.5.0qa1

v3.5qa2

v3.7dev

v3.8.0

v3.8.1

v3.8.2

v3.8.3

v3.8.4

v3.8dev

v3.8rc0

v3.8rc1

v3.8rc2

v3.9dev

v4.*

v4.0dev

v4.0dev1

v4.1dev

v4.2dev

Other

v6dev

v7dev

v8dev

v9dev

v8.*

v8.0

v8.0alpha

v8.0rc0

v9.*

v9.0

v9.0alpha

v9.0rc0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14661.json"