The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a 00000000 fragment header.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Opensuse | Opensuse | 13.1 (including) | 13.1 (including) |
| Native Client for RHEL 5 for Red Hat Storage | RedHat | glusterfs-0:3.6.0.42-1.el5 | * |
| Native Client for RHEL 6 for Red Hat Storage | RedHat | glusterfs-0:3.6.0.42-1.el6 | * |
| Red Hat Common for RHEL 7 | RedHat | glusterfs-0:3.6.0.42-1.el7 | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | glusterfs-0:3.6.0.42-1.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | gluster-nagios-addons-0:0.1.14-1.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | gluster-nagios-common-0:0.1.4-1.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | gstatus-0:0.62-1.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | openstack-swift-0:1.13.1-2.el6ost | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | openstack-swift-plugin-swift3-0:1.7-3.el6ost | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | python-paste-deploy-0:1.5.0-10.el6ost | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | python-swiftclient-0:2.1.0-2.el6ost | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | redhat-storage-server-0:3.0.3.4-1.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | samba-0:3.6.509-169.4.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | swiftonfile-0:1.13.1-2.el6rhs | * |
| Red Hat Storage 3 for RHEL 6 | RedHat | vdsm-0:4.14.7.3-1.el6rhs | * |
| Glusterfs | Ubuntu | lucid | * |
| Glusterfs | Ubuntu | precise | * |
| Glusterfs | Ubuntu | trusty | * |
| Glusterfs | Ubuntu | trusty/esm | * |
| Glusterfs | Ubuntu | upstream | * |
| Glusterfs | Ubuntu | utopic | * |