Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Ubuntu: 23.04, 22.10, 22.04 LTS USN-6157-1 Critical: GlusterFS DoS

ubuntu
Calendar Grey June 12, 2023
Dist Ubuntu Esm H88
The Ubuntu Security Announcement USN-6158-1 highlights a severe vulnerability in OpenSSL which might lead to potential unauthorized access through specially designed packets.
GlusterFS could be made to crash if it received a specially crafted request.

Summary

GlusterFS could be made to crash if it received a specially crafted

request.

Software Description:

- glusterfs: clustered file-system

Details:

Tao Lyu discovered that GlusterFS did not properly handle certain event

notifications. An attacker could possibly use this issue to cause a denial

of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
   glusterfs-client                10.3-4ubuntu0.1
   glusterfs-common                10.3-4ubuntu0.1
   glusterfs-server                10.3-4ubuntu0.1

Ubuntu 22.10:
   glusterfs-client                10.2-1ubuntu0.1
   glusterfs-common                10.2-1ubuntu0.1
   glusterfs-server                10.2-1ubuntu0.1

Ubuntu 22.04 LTS:
   glusterfs-client                10.1-1ubuntu0.1
   glusterfs-common                10.1-1ubuntu0.1
   glusterfs-server                10.1-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6157-1

CVE-2023-26253

Severity
critical
Lowest
Low
Medium
High
Critical

June 12, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.