Lucene search

IBM93785DADA3A3705D4B0E6BA8CEC088D109D0BA5179BE30BF71ED2FA63C4948E7

HistorySep 26, 2024 - 6:08 p.m.

Security Bulletin: Vulnerability in linux affects IBM Integrated Analytics System [CVE-2024-27060]

2024-09-2618:08:11

www.ibm.com

redhat

ibm integrated analytics system

cve-2024-27060

linux kernel

denial of service

thunderbolt

authenticated attacker

fix central

AI Score

6.2

Confidence

High

JSON

Summary

Redhat provided linux is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE [CVE-2024-27060]

Vulnerability Details

CVEID:CVE-2024-27060
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a null pointer dereference in tb_port_update_credits() of ‘thunderbolt’. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/359460 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Integrated Analytics System	1.0.0-1.0.28.2

Remediation/Fixes

Affected Product(s)	VRMF	Remediation/Fixes
IBM Integrated Analytics System	1.0.30.0	Link to Fix Central

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmsmart_analytics_system_7710Matchany

VendorProductVersionCPE
ibmsmart_analytics_system_7710anycpe:2.3:a:ibm:smart_analytics_system_7710:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	smart_analytics_system_7710	any	cpe:2.3:a:ibm:smart_analytics_system_7710:any:::::::*

AI Score

6.2

Confidence

High

JSON

Related for 93785DADA3A3705D4B0E6BA8CEC088D109D0BA5179BE30BF71ED2FA63C4948E7