{"id":"CVE-2017-1000198","details":"tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service","modified":"2026-05-18T10:00:13.719419Z","published":"2017-11-17T02:29:00.927Z","related":["SUSE-SU-2017:2601-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3277"},{"type":"FIX","url":"https://github.com/open-iscsi/tcmu-runner/commit/61bd03e600d2abf309173e9186f4d465bb1b7157"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/open-iscsi/tcmu-runner","events":[{"introduced":"0"},{"last_affected":"0579395e3227bd4dee4bc8bf643a69b1694b26a0"},{"last_affected":"592d68205fb01140255d4e8596c0ba8979da3ea9"},{"last_affected":"1624c9ad92efbd0840096f428ddfed6aa508f862"},{"last_affected":"ab770251f78374f9538d6b3c961298d49185ed78"},{"last_affected":"351b1ed70fcca1dfb43f0a619b980a12d3961b35"},{"last_affected":"be0875db70cd6ff804bfddd26a3428c6b69cffed"},{"last_affected":"00e858fc173173b2e4a45d61aca853016f8e6827"},{"last_affected":"8ed4677eb930952c018dc9a505f73f1d91ae9a05"},{"last_affected":"c7683ad32429adf707f4d94c23bd065c51949b50"},{"last_affected":"00658265d83d0573168a2f045af154227074870c"},{"last_affected":"3d335660333b98cd5bdb8983a619c3b00b814b3e"}],"database_specific":{"cpe":["cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.0:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.1:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.2:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.3:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.4:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.0.5:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.0:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.1:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.2:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.3:*:*:*:*:*:*:*","cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.2.0:*:*:*:*:*:*:*"],"extracted_events":[{"introduced":"0"},{"last_affected":"0.9.0"},{"last_affected":"0.9.1"},{"last_affected":"0.9.2"},{"last_affected":"0.9.3"},{"last_affected":"0.9.4"},{"last_affected":"1.0.5"},{"last_affected":"1.1.0"},{"last_affected":"1.1.1"},{"last_affected":"1.1.2"},{"last_affected":"1.1.3"},{"last_affected":"1.2.0"}],"source":"CPE_FIELD"}}],"versions":["v1.2.0","v1.1.3","v1.1.2","v1.1.1","v1.1.0","v1.0.4","v1.0.5","v1.0.3","v1.0.2","v1.0.1","v1.0.0","v0.9.4","v0.9.3","v0.9.2","v0.9.1","v0.9.0","v0.8.4","v0.8.3","v0.8.2","v0.8.1","v0.8"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000198.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}