Ubuntu 6283 Published by

A GlusterFS security update has been released for Ubuntu Linux 16.04 ESM.



USN-5989-1: GlusterFS vulnerability


==========================================================================
Ubuntu Security Notice USN-5989-1
March 30, 2023

glusterfs vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

GlusterFS could be made to crash if it received a specially
crafted request.

Software Description:
- glusterfs: clustered file-system

Details:

Tao Lyu discovered that GlusterFS did not properly handle certain
event notifications. An attacker could possibly use this issue to
cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
glusterfs-client 3.7.6-1ubuntu1+esm2
glusterfs-common 3.7.6-1ubuntu1+esm2
glusterfs-server 3.7.6-1ubuntu1+esm2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5989-1
CVE-2023-26253