CVE-2018-1782 — IBM Spectrum Scale vulnerability

3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.0%

top 85.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Spectrum Scale

Timeline

PublishedSep 19

Latest updateMay 13

Description

IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5ibm/spectrum_scale5.0.1.0, 5.0.1.1+1

▶NVDibm/spectrum_scale5.0.1.0, 5.0.1.1+1

🔴Vulnerability Details

GHSA

GHSA-5qf9-xcjw-v37w: IBM GPFS (IBM Spectrum Scale 5↗2022-05-13

▶

CVEList

CVE-2018-1782: IBM GPFS (IBM Spectrum Scale 5↗2018-09-19

▶