Vulnerability in Gluster Glusterfs
CVE-2014-3619
The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header.
EPSS: 0.011 (78.5th percentile) — read the EPSS interpretation.
Affected products
- Gluster Glusterfs — versions 3.5
- Opensuse — versions 13.1
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_MISC)
- MDVSA-2015:211 (vendor-advisory, x_refsource_MANDRIVA)
- secalert@redhat.com (x_refsource_CONFIRM)
- openSUSE-SU-2015:0473 (vendor-advisory, x_refsource_SUSE)
- openSUSE-SU-2015:0528 (vendor-advisory, x_refsource_SUSE)