A local non-root user with access to the D-Bus system bus can call the UnregisterHandler method implemented in the tcmu-runner daemon with the name of a handler loaded internally in tcmu-runner via dlopen() and cause a NULL pointer dereference resulting in DoS. Upstream patch: https://github.com/open-iscsi/tcmu-runner/commit/bb80e9c7a798f035768260ebdadffb6eb0786178 References: http://seclists.org/oss-sec/2017/q3/207
Created tcmu-runner tracking bugs for this issue: Affects: fedora-all [bug 1487255]
This issue has been addressed in the following products: Red Hat Gluster Storage 3.3 for RHEL 7 Via RHSA-2017:3277 https://access.redhat.com/errata/RHSA-2017:3277