High severity8.8NVD Advisory· Published Sep 4, 2018· Updated Jun 17, 2026
CVE-2018-10928
CVE-2018-10928
Description
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Red Hat/glusterfsv5Range: n/a
Patches
Vulnerability mechanics
References
8- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.htmlnvdMailing ListThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2607nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2608nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:3470nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/09/msg00021.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/11/msg00000.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201904-06nvdThird Party Advisory
News mentions
0No linked articles in our index yet.