Denial of Service Vulnerability in IBM Spectrum Scale on Elastic Storage Server
CVE-2017-1304
6.2MEDIUM
What is CVE-2017-1304?
IBM has reported a vulnerability in Spectrum Scale/GPFS during the use of unsupported configurations on Elastic Storage Servers or GPFS Storage Servers. This issue arises when applications run on active ESS I/O server nodes and perform direct I/O operations, potentially accessing incorrect memory addresses. As a result, a Signal 11 may be triggered, leading to daemon failures, which could cause denial of service and create risks of undetected data corruption. Users should ensure proper configurations and utilize supported versions to mitigate these risks.
Affected Version(s)
Elastic Storage Server 2.0
Elastic Storage Server 2.5
Elastic Storage Server 3.0