Issued:
2018-10-31
Updated:
2018-10-31

RHSA-2018:3432 - Security Advisory

Synopsis

Important: glusterfs security and bug fix update

Type/Severity

Security Advisory: Important

Topic

Updated glusterfs packages that fix multiple security issues and bugs are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system.

Security Fix(es):

  • glusterfs: glusterfs server exploitable via symlinks to relative paths (CVE-2018-14651)
  • glusterfs: Buffer overflow in "features/locks" translator allows for denial of service (CVE-2018-14652)
  • glusterfs: Heap-based buffer overflow via "gf_getspec_req" RPC message (CVE-2018-14653)
  • glusterfs: "features/index" translator can create arbitrary, empty files (CVE-2018-14654)
  • glusterfs: Unlimited file creation via "GF_XATTR_IOSTATS_DUMP_KEY" xattr allows for denial of service (CVE-2018-14659)
  • glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion (CVE-2018-14660)
  • glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service (CVE-2018-14661)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting these issues.

Bug Fix(es):

  • MD5 instances are replaced with FIPS-compliant SHA256 checksums and glusterd no longer crashes when run on a FIPS enabled machine. (BZ#1459709)
  • The flock is unlocked specifically and the status file is updated so that the reference is not leaked to any worker or agent process. As a result of this fix, all workers come up without fail. (BZ#1623749)
  • All HTIME index files are checked for the specified start and end times, and the History API does not fail when multiple HTIME files exist. (BZ#1627639)
  • After upgrading to Red Hat Gluster Storage 3.4 from earlier versions of Red Hat Gluster Storage, the volume size displayed by the df command was smaller than the actual volume size. This has been fixed and the df command now shows the correct size for all volumes. (BZ#1630997)
  • The algorithm to disable the eager-lock is modified and it disables only when multiple write operations are trying to modify a file at the same time. This led to performance improvement while a write operation is performed on a file irrespective of the number of times it is opened at the same time for a read operation. (BZ#1630688)
  • heal-info does not consider the presence of dirty markers as an indication of split-brain and does not display these entries to be in a split-brain state. (BZ#1610743)

All users of Red Hat Gluster Storage are advised to upgrade to these updated packages, which provide numerous bug fixes and enhancements.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64

Fixes

  • BZ - 1610743 - Directory is incorrectly reported as in split-brain when dirty marking is there
  • BZ - 1618221 - If a node disconnects during volume delete, it assumes deleted volume as a freshly created volume when it is back online
  • BZ - 1619627 - Add performance options to virt profile
  • BZ - 1622649 - [RHEL7] Some of the Posix compliance tests are failing on gluster mount
  • BZ - 1623749 - Geo-rep: Few workers fails to start with out any failure
  • BZ - 1623874 - IO errors on block device post rebooting one brick node
  • BZ - 1624444 - Fail volume stop operation in case brick detach request fails
  • BZ - 1625622 - [Disperse] Improve log messages for EC volume while getting/setting xattrs and finding good child to wind
  • BZ - 1626780 - sas workload job getting stuck after sometime
  • BZ - 1627098 - RFE: make fuse dumping available as mount option
  • BZ - 1627617 - SAS job aborts complaining about file doesn't exist
  • BZ - 1627639 - libgfchangelog: History API fails
  • BZ - 1630688 - Low Random write IOPS in VM in RHHI 2.0
  • BZ - 1631329 - rpc marks brick disconnected from glusterd
  • BZ - 1631372 - glusterfsd keeping fd open in index xlator after stop the volume
  • BZ - 1631576 - CVE-2018-14654 glusterfs: "features/index" translator can create arbitrary, empty files
  • BZ - 1632557 - CVE-2018-14651 glusterfs: glusterfs server exploitable via symlinks to relative paths
  • BZ - 1632974 - CVE-2018-14652 glusterfs: Buffer overflow in "features/locks" translator allows for denial of service
  • BZ - 1633431 - CVE-2018-14653 glusterfs: Heap-based buffer overflow via "gf_getspec_req" RPC message
  • BZ - 1635926 - CVE-2018-14660 glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion
  • BZ - 1635929 - CVE-2018-14659 glusterfs: Unlimited file creation via "GF_XATTR_IOSTATS_DUMP_KEY" xattr allows for denial of service
  • BZ - 1636880 - CVE-2018-14661 glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service
  • BZ - 1636902 - "gluster vol heal <vol name> info" is hung on Distributed-Replicated ( Arbiter )
  • BZ - 1640135 - Wrong version number in /etc/redhat-storage-release
  • BZ - 1641489 - [Brick-Mux] gluster vol stop fails with Error : Request timed out.
  • BZ - 1641586 - spec: wrong release number for RHGS 3.4.1 in /usr/share/glusterfs/release
  • BZ - 1643355 - [RHEL7] update with entitlement certificate for RHEL 7.6

CVEs

References

Red Hat Enterprise Linux Server 7

SRPM
glusterfs-3.12.2-25.el7.src.rpm SHA-256: f10ae3de5b0e1c52bfb6252e14b902093ccdc784fdf2a0730603b240a0ba8281
x86_64
glusterfs-3.12.2-25.el7.x86_64.rpm SHA-256: 6e98d94cc58ff3730324b8761bacf213b882beee8094e98425ce97a40cbffaa4
glusterfs-api-3.12.2-25.el7.x86_64.rpm SHA-256: 7a8e2826a480449af3a92a4e88d9624f5a3849da6db961ef9f18bc89d1f3042d
glusterfs-api-devel-3.12.2-25.el7.x86_64.rpm SHA-256: 408c307c8f595f063e81f54262a0542c5d2cf184bb737111f2a658ea741b1128
glusterfs-cli-3.12.2-25.el7.x86_64.rpm SHA-256: 721086228b770c7d33a64c07c6939ad0630b5063a6826cf6e5634194341aad98
glusterfs-client-xlators-3.12.2-25.el7.x86_64.rpm SHA-256: 726fb86fd421db9073d7016892e30a06d46b03fc17e336836f9896f76899ec6c
glusterfs-debuginfo-3.12.2-25.el7.x86_64.rpm SHA-256: 626292ba146eaf94e53c40657175dde8c5fe6b69ccc598047e9d61df87b548bc
glusterfs-devel-3.12.2-25.el7.x86_64.rpm SHA-256: a4b8c3ce8abe8858370d7c13057f907cbf1c5c5ffee9f66dd0123cdc07bd0a3d
glusterfs-fuse-3.12.2-25.el7.x86_64.rpm SHA-256: 8a7554ef98698d0ffd1d7c4dda74be3a40aabf8f474e5196829c8ec77717d6f6
glusterfs-libs-3.12.2-25.el7.x86_64.rpm SHA-256: ba48821033515b60ce2ad9980d6b8b35618d9ff33ac1c7c9db78e59247364103
glusterfs-rdma-3.12.2-25.el7.x86_64.rpm SHA-256: 7f5d8ee5664e8d4c369bb1b8db064f0118fa4978d5583ca6a7792713623dda2f
python2-gluster-3.12.2-25.el7.x86_64.rpm SHA-256: ee9caa6cada9bf40f15ee7625bc8efd3e309dd006e866468e8900521610d0646

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7

SRPM
glusterfs-3.12.2-25.el7rhgs.src.rpm SHA-256: 985e745e8131db2d7b8167ca08b8b3f551dfb542864c83065666464abb9dbad6
redhat-storage-server-3.4.1.0-1.el7rhgs.src.rpm SHA-256: a271926cfe967de0506983c2d11bc0777e9c49979350cbf89301cd70ec676460
x86_64
glusterfs-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 99da66c1475fb981a9248d44ae3fd796a648dd9f810003ec6495df8ee034857b
glusterfs-api-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: c5d3bd14630f9c327060e86ee4d71131c930614fabec550924abefca66dc26cc
glusterfs-api-devel-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: c389eed641776945d47c4f80503b4176554d3dc71f1f303858078cef9801cc49
glusterfs-cli-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: ed9115795cf1dfa5a671e9bc1dc9ce3d31bd26f89b6ac08e6982ebd896107bc9
glusterfs-client-xlators-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 9c68a7a9e576bab5cfde7c8cf57c9390a069dcc2cc621c67b83ebbffe7fdbf72
glusterfs-debuginfo-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: a0f8cd352d9b9aed6f8c4dd15e4c97b456cdcc8267994de55a4da7c68a7e69b5
glusterfs-devel-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: f0964b6ae00017ae972299ba1ed8d47afec1929469096547d8ed2c6f4a71289e
glusterfs-events-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 45c71127a16eaea4c2afd99197299e3c952d99691258480bf187f6e3f6f7f53b
glusterfs-fuse-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 002bcb028ed8c06e9005ddcaac2bf3fe278eb21254049d03076aba05272e8239
glusterfs-ganesha-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: e25d519267ddaa612c0e29ae6535e2ec2df86e7c16c18379adfbf75745661ae6
glusterfs-geo-replication-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 36f30cba0439a742c7afafe8a656a016159e125b7d38eb8952631378046fe266
glusterfs-libs-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: b05a492e168cbff2149728c6c5b6f932e5bea64e5ad0911f6e6284e3e6ea4234
glusterfs-rdma-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 8ed5cb6a84768bded65e4a79fc9aa6dc3e8893e677569de71d259dc5fd96eb4b
glusterfs-resource-agents-3.12.2-25.el7rhgs.noarch.rpm SHA-256: 153f92fad7706d4b89ea480f23d68b4db6457a11d8a2b56ef8fa1880ae9a3a00
glusterfs-server-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: 7ff701ed142a82eb615e4caad3a1c40b7574031e139a4285499621c68ce4c426
python2-gluster-3.12.2-25.el7rhgs.x86_64.rpm SHA-256: dee559326241a4150d0ec3d421bf7650cfbdca70f5d9826bcaf1fce4fc8b26e7
redhat-storage-server-3.4.1.0-1.el7rhgs.noarch.rpm SHA-256: 6bc7d7da227358a5c2eeca29e781ea3ef29677922f0e2a60e1ba8bd28ad5fa44

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.