CVE-2023-26253
Summary
| CVE | CVE-2023-26253 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-02-21 02:15:00 UTC |
| Updated | 2023-11-07 04:09:00 UTC |
| Description | In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| AddressSanitizer: stack-buffer-overflow in notify at glusterfs/xlators/mount/fuse/src/fuse-bridge.c · Issue #3954 · gluster/glusterfs · GitHub | MISC | github.com | |
| [SECURITY] Fedora 37 Update: glusterfs-10.4-1.fc37 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 37 Update: glusterfs-10.4-1.fc37 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 184282 Debian Security Update for glusterfs (CVE-2023-26253)
- 199412 Ubuntu Security Notification for GlusterFS Vulnerability (USN-6157-1)
- 199580 Ubuntu Security Notification for GlusterFS Vulnerability (USN-5989-1)
- 283870 Fedora Security Update for glusterfs (FEDORA-2023-5a54eea360)
- 355388 Amazon Linux Security Advisory for glusterfs : ALAS2-2023-2071
- 672921 EulerOS Security Update for glusterfs (EulerOS-SA-2023-1821)
- 672946 EulerOS Security Update for glusterfs (EulerOS-SA-2023-1803)
- 673175 EulerOS Security Update for glusterfs (EulerOS-SA-2023-2333)
- 673176 EulerOS Security Update for glusterfs (EulerOS-SA-2023-2313)
- 673796 EulerOS Security Update for glusterfs (EulerOS-SA-2023-2685)
- 673942 EulerOS Security Update for glusterfs (EulerOS-SA-2023-2643)