Sep 10, 2020 8:00 pm EDT
Categorized: High Severity
Share this post:
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM Spectrum Scale is previously known as General Parallel File System (GPFS).
Affected product(s) and affected version(s):
All fix pack levels of IBM Db2 V11.1, and V11.5 editions running on AIX and Linux are affected, and only for those customers who have Db2® pureScale™ Feature installed. IBM Db2 V10.5 is not affected.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6330585
from IBM Product Security Incident Response Team https://ift.tt/3hcZri0
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.