Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)

Summary Security vulnerabilities have been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow: - a local attacker to execute commands as root by setting environment variables processed by setuid programs CVE-2016-2985 - a local attacker to execute commands as root by...

Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2016-2985 and CVE-2016-2984)

Summary There are vulnerabilities in IBM Spectrum Scale packaged with IBM Spectrum Scale RAID for the Elastic Storage Server and the GPFS Storage Server. Vulnerability Details CVEID: CVE-2016-2985 DESCRIPTION: A security vulnerability has been identified in IBM Spectrum Scale and IBM GPFS that...

Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2016-2985 and CVE-2016-2984)

Summary There are vulnerabilities in IBM Spectrum Scale packaged with IBM Spectrum Scale RAID for the Elastic Storage Server and the GPFS Storage Server. Vulnerability Details CVEID: CVE-2016-2985 DESCRIPTION: A security vulnerability has been identified in IBM Spectrum Scale and IBM GPFS that...

Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)

Summary Security vulnerabilities have been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow: - a local attacker to execute commands as root by setting environment variables processed by setuid programs CVE-2016-2985 - a local attacker to execute commands as root by...

Security Bulletin: GPFS security vulnerabilities in IBM SONAS (CVE-2016-2985 and CVE-2016-2984 )

Summary A fix is available for IBM SONAS, for GPFS security vulnerabilities Vulnerability Details IBM General Parallel File System GPFS is a high-performance clustered file system. It is used in IBM SONAS. CVEID: CVE-2016-2985 DESCRIPTION: A security vulnerability has been identified in IBM...

Security Bulletin: GPFS security vulnerabilities in IBM Storwize V7000 Unified (CVE-2016-2985 and CVE-2016-2984)

Summary A fix is available for IBM Storwize V7000 Unified, for GPFS security vulnerabilities Vulnerability Details IBM General Parallel File System GPFS is a high-performance clustered file system. It is used in IBM Storwize V7000 Unified. CVEID: CVE-2016-2985 DESCRIPTION: A security vulnerabilit...

Security Bulletin: IBM® DB2® LUW on AIX and Linux Affected by Multiple Vulnerabilities in GPFS (CVE-2016-2984, CVE-2016-2985).

Summary DB2 LUW is affected by multiple vulnerabilities in IBM® General Parallel File System, Version 3.5 and 4.1.1 that is used by DB2® pureScale™ Feature on AIX and Linux. Vulnerability Details CVEID: CVE-2016-2984 DESCRIPTION: A security vulnerability has been identified in IBM Spectrum Scale...

Security Bulletin: The GPFS pattern provided with IBM PureApplication System is affected by security vulnerabilities. (CVE-2016-2985 and CVE-2016-2984)

Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow a local attacker to execute commands as root. IBM PureApplication System provides a GPFS pattern and addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2985...

CVE-2016-2985

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program...

CVE-2016-2985

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program...

CVE-2016-2985

CVE-2016-2985 affects IBM Spectrum Scale/GPFS where a local attacker can gain root privileges by manipulating environment variables processed by setuid executables under /usr/lpp/mmfs/bin. Affected products/versions include IBM Spectrum Scale V4.2.0.x before 4.2.0.4, V4.1.1.x before 4.1.1.8, and ...