Oval Definition:
oval:com.ubuntu.cosmic:def:201810880000000
Revision Date
:
2018-04-18
Version
:
1
Title
:
CVE-2018-1088 on Ubuntu 18.10 (cosmic) - medium.
Description
:
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2018-1088
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
glusterfs package in cosmic, is related to the CVE in some way and has been fixed (note: '4.0.2-1').
BACK