A flaw was found in glusterfs. A null pointer dereference in in send_brick_req function in glusterfsd/src/gf_attach.c may cause local denial of service. References: https://bugzilla.redhat.com/show_bug.cgi?id=1502928
Created glusterfs tracking bugs for this issue: Affects: fedora-all [bug 1504256]
Analysis Only local DoS of glusterfsd is possible with this. Impact of this flaw is low.
It's not even a DoS of glusterfsd. Worst case is that gf_attach runs out of memory, which would be a failure anyway, and then fails with a SIGSEGV in STACK_DESTROY (the other two functions check for NULL) instead of ENOMEM. Not sure GlusterD (management daemon) would even notice the difference, and even if it did that would only affect adding or removing bricks. Other management operations, and the entire I/O path, would be unaffected. It's a bug, sure, but it's not clearly a *security* bug at all.
(In reply to Jeff Darcy from comment #3) > It's not even a DoS of glusterfsd. Worst case is that gf_attach runs out of > memory, which would be a failure anyway, and then fails with a SIGSEGV in > STACK_DESTROY (the other two functions check for NULL) instead of ENOMEM. > Not sure GlusterD (management daemon) would even notice the difference, and > even if it did that would only affect adding or removing bricks. Other > management operations, and the entire I/O path, would be unaffected. It's a > bug, sure, but it's not clearly a *security* bug at all. Hi Jeff, agreed that is why I set impact of this being low. It is at a border line between low to no security flaw.