CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
IBM Storage Copy Data Management can be affected by vulnerabilities in Linux Kernel. Vulnerabilities include an attacker or local attacker could exploit these vulnerabilities to cause a denial of service condition and to execute code in the context of the kernel as described by the CVEs in the “Vulnerability Details” section.
**CVEID:**CVE-2024-26614 **DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by an error related to making sure init the accept_queue’s spinlocks once. A local attacker could exploit this vulnerability to cause a denial of service. **CWE:**CWE-20: Improper Input Validation **CVSS Source:**IBM X-Force **CVSS Base score:**6.2 CVSS Vector:(CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:**CVE-2024-36886 **DESCRIPTION:**Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when processing fragmented TIPC messages. By sending a specially crafted request, an attacker could exploit this vulnerability to execute code in the context of the kernel. **CWE:**CWE-416: Use After Free **CVSS Source:**IBM X-Force **CVSS Base score:**5.5 CVSS Vector:(CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:**CVE-2023-52471 **DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in ice_ptp.c. A local attacker could exploit this vulnerability to cause a denial of service. **CWE:**CWE-476: NULL Pointer Dereference **CVSS Source:**IBM X-Force **CVSS Base score:**6.2 CVSS Vector:(CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Storage Copy Data Management | 2.2.0.0 - 2.2.24.0 |
Affected Versions | Fixing Level | Platform | Link to Fix and Instructions |
---|---|---|---|
2.2.0.0 - 2.2.24.0 | 2.2.24.1 | Linux | https://www.ibm.com/support/pages/node/7150077 |
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | storage_copy_data_management | 2.2 | cpe:2.3:a:ibm:storage_copy_data_management:2.2:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High