Issued:
2018-04-18
Updated:
2018-04-18

RHSA-2018:1137 - Security Advisory

Synopsis

Important: glusterfs security update

Type/Severity

Security Advisory: Important

Topic

An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system.

Security Fix(es):

  • glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled (CVE-2018-1088)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by John Strunk (Red Hat).

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Gluster Storage Server for On-premise 3 x86_64

Fixes

  • BZ - 1558721 - CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled

CVEs

References

Red Hat Enterprise Linux Server 6

SRPM
glusterfs-3.8.4-54.7.el6.src.rpm SHA-256: 09664675a8a250a8dfe3d032230803b4d1d85ddb519d7f7846c60333b7969e30
x86_64
glusterfs-3.8.4-54.7.el6.x86_64.rpm SHA-256: 75ae400d878fd04d2292f0f0bde1f75e33943d55b7565af761b52499b6b2c899
glusterfs-api-3.8.4-54.7.el6.x86_64.rpm SHA-256: cdda68eb679afffcafe7d16920d3f4b51394d9677274b778b46cbeda42454381
glusterfs-api-devel-3.8.4-54.7.el6.x86_64.rpm SHA-256: a0c7ec264ef1463ebc6a0b38b30ee3d95aeaf66516db16810595d12766412256
glusterfs-cli-3.8.4-54.7.el6.x86_64.rpm SHA-256: 21117da2baa49d921d6a50b4dfb6516baee9b42991a4b20e0d1586396466a666
glusterfs-client-xlators-3.8.4-54.7.el6.x86_64.rpm SHA-256: 6ad2ec3954851bde26efdd6c39a2c895ef9ac0fedfb3e2101430ad618907f0c9
glusterfs-debuginfo-3.8.4-54.7.el6.x86_64.rpm SHA-256: 0f43a3c647ed3c15d107e7560305939fb3738b73e4b5d3a569001bae4cf9ed19
glusterfs-devel-3.8.4-54.7.el6.x86_64.rpm SHA-256: 52525a5a83adb37040aa1631b5316bc52ac10237c5d3c9f6eedad0b8e7d6afff
glusterfs-fuse-3.8.4-54.7.el6.x86_64.rpm SHA-256: a5a725a9647ad4b1b9bca0610eb04dcc3b193a954f7a6375dd0018bf3253b6cd
glusterfs-libs-3.8.4-54.7.el6.x86_64.rpm SHA-256: 09b03f2687cc6d64c6632529024cf7cacfb005ca3cd41db83fd0bec6fd836c3e
glusterfs-rdma-3.8.4-54.7.el6.x86_64.rpm SHA-256: 758ac230bd0276b7e99b6d6034fa05139941f077ea85b9b08648c052704f0d00
python-gluster-3.8.4-54.7.el6.noarch.rpm SHA-256: fb5fe2a2ab4db8ce077a873dd50b59d88c581fecc268156e50e1184b28fa3ac1

Red Hat Gluster Storage Server for On-premise 3

SRPM
glusterfs-3.8.4-54.7.el6rhs.src.rpm SHA-256: 51216c8801f0cc176047fe74d330f060a6e3692064471393bd08ca5fb6c4d591
x86_64
glusterfs-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: 0ff6b613bab31487dc36d323f01fff6da7b21b59f665dc037821b147398b2960
glusterfs-api-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: 35dfeed0605f3118f2d56b48413b740e4ea23b8c08d8056815a01d3760c46629
glusterfs-api-devel-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: 44507774fd2ebe76e46e291e3e773ccec5fdabea2f58e0649c54ff207400c1ca
glusterfs-cli-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: cb1b7aad3bcd67f145dadc3aecbac7089835d366a4ff63608d1468062ba7201e
glusterfs-client-xlators-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: bade723727a5f067be26466d7ea18e19db2e3784c6e8cf88f9fff3d4ab7cc35a
glusterfs-debuginfo-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: bd165fc251881d240c974109c78339cd196dfd4c17592c32f31365e57dfad482
glusterfs-devel-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: 57f50626440c5186e6dfbf81145b574c8221d1fe024e3bcddd67d8de13db9bff
glusterfs-events-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: 3df05259933d26a552bcbea0f671a5def091c065b9ba9ebc51d545caeb9b6b99
glusterfs-fuse-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: e1b3696b9330b4de3ed94c4acb2669b5b12d95d9d3c605b991e1f896d45614d7
glusterfs-ganesha-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: f8f11d9d25d7098eead24bbe120cbd493be6c49741fbcc59a2b134cea8542575
glusterfs-geo-replication-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: 6e0c494aa2a45886ccd07d6c0735c15e4213126a1ac3d14074e6a9d338dc9ab7
glusterfs-libs-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: e33055c22013d93f0e77c0c9c50c6479ed8acce091a61d8f50c6ccddffa120ab
glusterfs-rdma-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: c6e3d10299fb45cac0388e0aa40e07a54d3ebc6b51ea54a7febee91146001ce8
glusterfs-server-3.8.4-54.7.el6rhs.x86_64.rpm SHA-256: b9b2629e3dd19da37a980b07e543b92ae186f1bd2ebd3801af5aabba66a3d963
python-gluster-3.8.4-54.7.el6rhs.noarch.rpm SHA-256: 1078603d7cb9bc02196de19db045cd1c42307414ab9ab1441e168eb107ef522d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.