• Status Closed
  • Percent Complete
  • Task Type Security Issue
  • Category Any
  • Assigned To
  • Operating System All
  • Severity Critical
  • Priority Medium
  • Reported Version Any
  • Due in Version Starfix
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Packages
Opened by g4jc - 12/05/2018
Last edited by Emulatorman - 02/06/2018

FS#731 - [glusterfs] CVE-2018-1088: Privilege escalation via gluster_shared_storage ...

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.

Upstream patches:

Fixed in:

Closed by  Emulatorman
02.06.2018 06:35
Reason for closing:  Fixed
Date User Effort (H:M)
watch my effort tracking timers


Available keyboard shortcuts


Task Details

Task Editing