IBM6A46918BB59EEA4DB625841CFE6DFC8DE7CA75CFC1C14DBD62FDC1AC63A2B7B2Security Bulletin: Vulnerability in Linux Kernel could affect IBM Storage Copy Data Management
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
High
Summary
IBM Storage Copy Data Management can be affected by a vulnerability in Linux Kernel. An attacker could exploit this vulnerability to cause the wrong portion of the block buffer to be read or a denial of service as described by the CVE in the “Vulnerability Details” section.
Vulnerability Details
CVEID:CVE-2024-26593
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read within i2c: i801. An attacker could exploit this vulnerability to cause the wrong portion of the block buffer to be read or a denial of service.
CVSS Base score: 6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/283948 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Storage Copy Data Management | 2.2.0.0 - 2.2.24.0 |
Remediation/Fixes
Affected Versions|**Fixing
**Level|Platform|**Link to Fix and Instructions
**
—|—|—|—
2.2.0.0 - 2.2.24.0| 2.2.24.1| Linux| <https://www.ibm.com/support/pages/node/7150077>
Workarounds and Mitigations
None
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | storage_copy_data_management | 2.2 | cpe:2.3:a:ibm:storage_copy_data_management:2.2:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
High