Description
glusterfs: Unsanitized file names in debug/io-stats translator can allow remote attackers to execute arbitrary code (CVE-2018-10904)
glusterfs: Stack-based buffer overflow in server-rpc-fops.c allows remote attackers to execute arbitrary code (CVE-2018-10907)
glusterfs: I/O to arbitrary devices on storage server (CVE-2018-10923)
glusterfs: Device files can be created in arbitrary locations (CVE-2018-10926)
glusterfs: File status information leak and denial of service (CVE-2018-10927)
glusterfs: Improper resolution of symlinks allows for privilege escalation (CVE-2018-10928)
glusterfs: Arbitrary file creation on storage server allows for execution of arbitrary code (CVE-2018-10929)
glusterfs: Files can be renamed outside volume (CVE-2018-10930)
glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory (CVE-2018-10911)
glusterfs: remote denial of service of gluster volumes via posix_get_file_contents function in posix-helpers.c (CVE-2018-10914)
glusterfs: Information Exposure in posix_get_file_contents function in posix-helpers.c (CVE-2018-10913)