CVE-2018-14652

Name of the Vulnerable Software and Affected Versions Gluster file system versions prior to 4.1.5

Description The issue is related to a buffer overflow in the 'features/index' translator, specifically in the code handling the GF XATTR CLRLK CMD xattr within the pl getxattr function. This could be exploited by a remote authenticated attacker to cause a denial of service on a mounted volume.

Recommendations For Gluster file system versions prior to 4.1.5, update to version 4.1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the pl getxattr function or the 'features/index' translator to minimize the risk of exploitation.