2018-10-31 19:00:00
redhat
PUBLISHED
The Gluster file system through version 4.1.4 is vulnerable to abuse of the features/index translator. A remote attacker with access to mount volumes could exploit this via the GF_XATTROP_ENTRY_IN_KEY xattrop to create arbitrary, empty files on the target server.