Description
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986.
CVSS breakdown
CVSS 3.0
Attack Complexity
Low
Integrity
None
Confidentiality
None
User Interaction
None
Privileges Required
None
Attack Vector
Local
Scope
Changed
Availability
High
RL
O
E
Unchanged
RC
Changed
Affected products
- ibm / Spectrum Scale4.2.0.0 – 4.2.0.0
- ibm / Spectrum Scale5.0.0.0 – 5.0.0.0
- ibm / Spectrum Scale5.0.4.3 – 5.0.4.3
- ibm / Spectrum Scale4.2.3.21 – 4.2.3.21