CVE-2017-1000198

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-1000198
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000198.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-1000198
Downstream
Related
Published
2017-11-17T02:29:00.927Z
Modified
2026-05-18T10:00:13.719419Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service

References

Affected packages

Git / github.com/open-iscsi/tcmu-runner

Affected ranges

Type
GIT
Repo
https://github.com/open-iscsi/tcmu-runner
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0579395e3227bd4dee4bc8bf643a69b1694b26a0
Last affected
592d68205fb01140255d4e8596c0ba8979da3ea9
Last affected
1624c9ad92efbd0840096f428ddfed6aa508f862
Last affected
ab770251f78374f9538d6b3c961298d49185ed78
Last affected
351b1ed70fcca1dfb43f0a619b980a12d3961b35
Last affected
be0875db70cd6ff804bfddd26a3428c6b69cffed
Last affected
00e858fc173173b2e4a45d61aca853016f8e6827
Last affected
8ed4677eb930952c018dc9a505f73f1d91ae9a05
Last affected
c7683ad32429adf707f4d94c23bd065c51949b50
Last affected
00658265d83d0573168a2f045af154227074870c
Last affected
3d335660333b98cd5bdb8983a619c3b00b814b3e
Database specific 
{
    "cpe": [
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.0.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.2.0:*:*:*:*:*:*:*"
    ],
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.9.0"
        },
        {
            "last_affected": "0.9.1"
        },
        {
            "last_affected": "0.9.2"
        },
        {
            "last_affected": "0.9.3"
        },
        {
            "last_affected": "0.9.4"
        },
        {
            "last_affected": "1.0.5"
        },
        {
            "last_affected": "1.1.0"
        },
        {
            "last_affected": "1.1.1"
        },
        {
            "last_affected": "1.1.2"
        },
        {
            "last_affected": "1.1.3"
        },
        {
            "last_affected": "1.2.0"
        }
    ]
}

Affected versions

v0.*
v0.8
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.2.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000198.json"