Local Privilege Escalation in IBM General Parallel File System
CVE-2015-4974

Currently unrated

Key Information:

Vendor: IBM
Status: Spectrum Scale; General Parallel File System
Vendor: CVE Published:; 26 October 2015

What is CVE-2015-4974?

IBM General Parallel File System (GPFS) versions prior to 3.5.0.27 in the 3.5.x branch and 4.1.1.2 in the 4.1.x branch, along with IBM Spectrum Scale 4.1.1.x before 4.1.1.2, contain a security flaw that allows local users to gain elevated privileges. This vulnerability can be exploited through unspecified methods, leading to unauthorized command execution with root privileges, posing risks to the integrity and security of sensitive data.

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366

x_refsource_CONFIRM

http://www.securitytracker.com/id/1035094

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/77025

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 26, 2015
Vulnerability Reserved
Jun 24, 2015