Oval Definition:oval:org.opensuse.security:def:20181088
Revision Date:2022-06-30Version:1
Title:CVE-2018-1088
Description:

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-1088
openSUSE-SU-2020:0079-1
Mitre CVE-2018-1088
SUSE CVE-2018-1088
openSUSE-SU-2020:0079-1
Platform(s):openSUSE Leap 15.1
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • glusterfs-3.12.15-lp151.3.3 is installed
  • AND glusterfs is signed with openSUSE key
  • OR
  • glusterfs-devel-3.12.15-lp151.3.3 is installed
  • AND glusterfs-devel is signed with openSUSE key
  • OR
  • libgfapi0-3.12.15-lp151.3.3 is installed
  • AND libgfapi0 is signed with openSUSE key
  • OR
  • libgfchangelog0-3.12.15-lp151.3.3 is installed
  • AND libgfchangelog0 is signed with openSUSE key
  • OR
  • libgfdb0-3.12.15-lp151.3.3 is installed
  • AND libgfdb0 is signed with openSUSE key
  • OR
  • libgfrpc0-3.12.15-lp151.3.3 is installed
  • AND libgfrpc0 is signed with openSUSE key
  • OR
  • libgfxdr0-3.12.15-lp151.3.3 is installed
  • AND libgfxdr0 is signed with openSUSE key
  • OR
  • libglusterfs0-3.12.15-lp151.3.3 is installed
  • AND libglusterfs0 is signed with openSUSE key
  • OR
  • python-gluster-3.12.15-lp151.3.3 is installed
  • AND python-gluster is signed with openSUSE key
  • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • glusterfs-9.1-1.3 is installed
  • OR glusterfs-devel-9.1-1.3 is installed
  • OR libgfapi0-9.1-1.3 is installed
  • OR libgfchangelog0-9.1-1.3 is installed
  • OR libgfrpc0-9.1-1.3 is installed
  • OR libgfxdr0-9.1-1.3 is installed
  • OR libglusterd0-9.1-1.3 is installed
  • OR libglusterfs0-9.1-1.3 is installed
  • OR python3-gluster-9.1-1.3 is installed
  • BACK