CVE-2018-1782

Name of the Vulnerable Software and Affected Versions IBM GPFS versions 5.0.1.0 through 5.0.1.1

Description The issue allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system.

Recommendations For versions 5.0.1.0 and 5.0.1.1, consider restricting access to files stored on GPFS file systems to prevent unauthorized users from accessing or executing crafted files, and avoid using mmap to access files on GPFS file systems until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.