CVE-2018-10908

Name of the Vulnerable Software and Affected Versions vdsm versions prior to 4.20.37

Description The issue allows an attacker to cause a denial of service condition by uploading a specially crafted image, which could consume unbounded amounts of memory or CPU time, potentially impacting other users of the host.

Recommendations For versions prior to 4.20.37, update to version 4.20.37 or later to resolve the issue. As a temporary workaround, consider restricting the upload of images to trusted sources until the update is applied.