DEBIAN-CVE-2018-1088

DEBIAN-CVE-2018-1088 PUBLISHED CVSS 8.100000381469727 HIGH

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:11	glusterfs	0, 0, 0
Debian:12	glusterfs	0, 0, 0
Debian:13	glusterfs	0, 0, 0
Debian:14	glusterfs	0, 0, 0

Timeline

Apr 18, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-1088 advisory

Open in Interactive Console →