Tcmu-Runner Project: >> Tcmu-Runner >> 1.1.2 Security Vulnerabilities
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
CVSS Score
5.5
EPSS Score
0.0
Published
2017-11-17
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
CVSS Score
7.5
EPSS Score
0.003
Published
2017-11-17
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-11-17
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service
CVSS Score
7.5
EPSS Score
0.004
Published
2017-11-17