A denial of service flaw was found in the way the __socket_proto_state_machine() function of glusterfs processed certain fragment headers. A remote attacker could send a specially crafted fragment header that, when processed, would cause the glusterfs process to enter an infinite loop.
http://lists.opensuse.org/opensuse-updates/2015-03/msg00031.html
http://review.gluster.org/#/c/8662/4
http://lists.opensuse.org/opensuse-updates/2015-03/msg00056.html
https://bugzilla.redhat.com/show_bug.cgi?id=1138145
http://advisories.mageia.org/MGASA-2015-0145.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:211
https://access.redhat.com/errata/RHBA-2015:0040