SB2018043008 - Red Hat update for glusterfs
Published: April 30, 2018 Updated: May 23, 2018
Security Bulletin ID
SB2018043008
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Improper authentication (CVE-ID: CVE-2018-1112)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to improper authentication when using 'auth.allow' option. A remote attacker can mount gluster storage volumes.
2) Symlink attack (CVE-ID: CVE-2018-1088)
CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
The vulnerability allows an adjacent unauthenticated attacker to gain elevated privileges on the target system.
The weakness exists in the snapshot scheduler due to improper security restrictions during the mounting of gluster volumes. An adjacent attacker can access a gluster node, perform symbolic link attack that is designed to schedule malicious cronjobs and gain root privileges.
Remediation
Install update from vendor's website.