Amazon Linux 2 : glusterfs (ALAS-2018-1128)
Medium Nessus Plugin ID 119783
SynopsisThe remote Amazon Linux 2 host is missing a security update.
DescriptionA flaw was found in dict.c:dict_unserialize function of glusterfs, dic_unserialize function does not handle negative key length values.
An attacker could use this flaw to read memory from other locations into the stored dict value.(CVE-2018-10911)
SolutionRun 'yum update glusterfs' to update your system.