Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

openSUSE 2026-0099-1 glusterfs Important Buffer Overread DoS CVE-2022-48340

opensuse
Calendar Grey March 27, 2026
Dist Opensuse Esm H88
This advisory reveals important updates for glusterfs addressing key vulnerabilities in openSUSE systems.
An update that solves two vulnerabilities and has two fixes is now available.

Description

This update for glusterfs fixes the following issues:

- Update to release 11.2

* Next minor release tentative date: Release will be based on requirement

only

* Users are highly encouraged to upgrade to newer releases of GlusterFS.

* Important fixes in this release

- Regression suite tests failures are addressed

- Fixed notify stack-based buffer over-read (boo#1208519,

CVE-2023-26253)

- Update to release 11.1

* Fix upgrade issue by reverting posix change related to storage.reserve

value

* Fix possible data loss during rebalance if there is any linkfile on

the system

- Disable IO_uring for now [boo#1210894]

- Update to release 11 [boo#1208517] [boo#1208519]

* Major performance impovement of ~36% with rmdir operations

* Extension of ZFS support for snapshots

* Qouta implimentation based on namespace

* Major cleanups and readdir/readdirp improvements

* Fixed use-after-free in...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-99=1

Package List

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

glusterfs-11.2-bp157.2.3.1

glusterfs-devel-11.2-bp157.2.3.1

libgfapi0-11.2-bp157.2.3.1

libgfchangelog0-11.2-bp157.2.3.1

libgfrpc0-11.2-bp157.2.3.1

libgfxdr0-11.2-bp157.2.3.1

libglusterfs0-11.2-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (noarch):

python3-gluster-11.2-bp157.2.3.1

References

https://www.suse.com/security/cve/CVE-2022-48340.html

https://www.suse.com/security/cve/CVE-2023-26253.html

https://bugzilla.suse.com/1208517

https://bugzilla.suse.com/1208519

https://bugzilla.suse.com/1210894

https://bugzilla.suse.com/1212476

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0099-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP7 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here