{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T14:24:22.315","vulnerabilities":[{"cve":{"id":"CVE-2018-10924","sourceIdentifier":"secalert@redhat.com","published":"2018-09-04T15:29:00.273","lastModified":"2024-11-21T03:42:18.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine."},{"lang":"es","value":"Se ha descubierto que la llamada del sistema fsync(2) en el código del cliente glusterfs filtra memoria. Un atacante autenticado podría empelar este error para lanzar un ataque de denegación de servicio (DoS) haciendo que los clientes gluster consuman la memoria de la máquina host."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:C","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-772"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gluster:glusterfs:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12.11","versionEndExcluding":"3.12.14","matchCriteriaId":"3C42FB8A-5CE4-4116-B169-CECDCEC47FE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:gluster:glusterfs:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.1.4","matchCriteriaId":"2AB23350-9ED4-45E3-B228-36DB367A3DDE"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10924","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://review.gluster.org/#/c/glusterfs/+/20723/","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/201904-06","source":"secalert@redhat.com"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10924","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://review.gluster.org/#/c/glusterfs/+/20723/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/201904-06","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}