CVE-2018-10911 Vulnerability Details

  /     /     /  

CVE-2018-10911 Metadata Quick Info

CVE Published: 04/09/2018 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: redhat | Vendor: Red Hat | Product: glusterfs:
Status : PUBLISHED

---

CVE-2018-10911 Description

A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-502
CWE Name: CWE-502
Source: Red Hat

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).