vulnerability

Red Hat: CVE-2018-10923: Important: Red Hat Gluster Storage security, bug fix, and enhancement update (Multiple Advisories)

Name: Red Hat: CVE-2018-10923: Important: Red Hat Gluster Storage security, bug fix, and enhancement update (Multiple Advisories)
Creator: Red Hat
Published: 2018-09-04T00:00:00.000Z
Keywords: CVE, Red Hat, 2018, 10923, Important, redhat-upgrade-glusterfs-server, Severity 6

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:N)

Published

Sep 4, 2018

Added

Sep 5, 2018

Modified

Mar 3, 2021

Description

It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.

Solution

redhat-upgrade-glusterfs-server

References

NVD-CVE-2018-10923
REDHAT-RHSA-2018:2607
REDHAT-RHSA-2018:2608
REDHAT-RHSA-2018:3470

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report