Redhat Enterprise Virtualization Host vulnerabilities

CVE-2018-14652 [MEDIUM] CWE-120 CVE-2018-14652: The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'f The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service.

CVE-2018-1111 [HIGH] CWE-77 CVE-2018-1111: DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a comman DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on syst