PT-2020-18227 · Ibm · Ibm Spectrum Scale+1
Published
2020-10-20
·
Updated
2020-10-20
·
CVE-2020-4756
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Spectrum Scale versions 4.2.0.0 through 4.2.3.23
IBM Spectrum Scale versions 5.0.0.0 through 5.0.5.2
IBM Elastic Storage System versions 6.0.0 through 6.0.1.0
Description
The issue allows a local attacker to invoke a subset of ioctls on the device with invalid arguments, which could crash the kernel and cause a denial of service.
Recommendations
For IBM Spectrum Scale versions 4.2.0.0 through 4.2.3.23, update to a version outside of this range to resolve the issue.
For IBM Spectrum Scale versions 5.0.0.0 through 5.0.5.2, update to a version outside of this range to resolve the issue.
For IBM Elastic Storage System versions 6.0.0 through 6.0.1.0, update to a version outside of this range to resolve the issue.
Fix
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Elastic Storage System
Ibm Spectrum Scale