CVE-2020-4411

Name of the Vulnerable Software and Affected Versions Spectrum Scale versions 4.2.0.0 through 4.2.3.21 Spectrum Scale versions 5.0.0.0 through 5.0.4.3

Description The file system component of the affected software is susceptible to a denial of service issue due to a vulnerability in its kernel module. This could allow an attacker to cause a denial of service condition on the affected system by invoking a subset of ioctls on the device with non-valid arguments, potentially crashing the kernel.

Recommendations For versions 4.2.0.0 through 4.2.3.21, consider restricting access to the kernel module to minimize the risk of exploitation. For versions 5.0.0.0 through 5.0.4.3, consider restricting access to the kernel module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.