24 matches found
Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)
Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included in 6.1.9.8 and 6.2.3.2
Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed in 6.1.9.8 and 6.2.3.2. Vulnerability Details CVEID:CVE-2024-26934 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: USB: cor...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included in 6.2.2.1 and 6.1.9.6.
Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed in 6.2.2.1 and 6.1.9.6. Vulnerability Details CVEID:CVE-2024-42240 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: x86/bhi:...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included in 6.2.3.0 and 6.1.9.7.
Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed in 6.2.3.0 and 6.1.9.7. Vulnerability Details CVEID:CVE-2024-35809 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: PCI/PM:...
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Storage Scale System
Summary There are multiple vulnerabilities in the Linux kernel, used by IBM Storage Scale System, which could allow a denial of service. Fixes for these vulnerabilities are available. Vulnerability Details CVEID:CVE-2024-40998 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities that can affect IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-36889 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the failure to ensure...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities, used by IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-26643 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to page fault...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities that can affect IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2023-52451 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to acces...
Security Bulletin: IBM Storage Scale System may be affected by vulnerabilities in OpenSSL
Summary Security vulnerabilities have been discovered in OpenSSL that are now fixed. Vulnerability Details CVEID:CVE-2023-3446 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a DH key or DH...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities used by IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-36005 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to netfilter:...
Security Bulletin: Multiple vulnerabilities in IBM JAVA JDK affect IBM Storage Scale packaged in IBM Storage Scale System
Summary Multiple vulnerabilities in IBM Java JDK, used by IBM Storage Scale System GUI, could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact and no availability impact. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926,...
Security Bulletin: Multiple PostgreSQL Vulnerabilities Affect IBM Storage Scale System
Summary There are vulnerabilities in PostgreSQL versions used by IBM Storage Scale System that could allow a remote authenticated attacker to obtain sensitive information or bypass security restrictions, a denial of service and a buffer overflow. IBM Storage Scale System has addressed the...
Security Bulletin: Multiple Linux Kernel vulnerabilities affect IBM Storage Scale System.
Summary There are multiple vulnerabilities in the Linux Kernel, used by IBM Storage Scale System, which could allow a local authenticated attacker to gain elevated privileges on the system. Fixes for these vulnerabilities are available. CVE-2023-51043, CVE-2024-1086, CVE-2024-0646, CVE-2023-6932,...
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affects IBM Storage Scale packaged in IBM Storage Scale System
Summary There are vulnerabilities in IBM WebSphere Application Server Liberty, used by IBM Storage Scale System GUI, which could allow a remote attacker to cause a denial of service. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSS...
Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Storage Scale packaged in IBM Storage Scale System
Summary There is a vulnerability in IBM WebSphere Application Server Liberty, used by IBM Storage Scale System, which could allow a remote attacker to cause a denial of service. CVE-2023-46158, CVE-2023-44487 Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server...
Security Bulletin: Vulnerability in libcurl may affect IBM Storage Scale System (CVE-2023-28322)
Summary A vulnerability in libcurl may allow a remote attacker to bypass security restrictions in IBM Storage Scale System. A fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2023-28322 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions...
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Storage Scale System
Summary There are multiple vulnerabilities in the Linux Kernel, used by IBM Storage Scale System, which could allow a denial of service, an attacker to obtain sensitive information or gain elevated privileges on the system . Fixes for these vulnerabilities are available. CVE-2023-3772,...
Security Bulletin: Multiple PostgreSQL Vulnerability affects IBM Storage Scale System (CVE-2023-2454, CVE-2022-2625)
Summary There are vulnerabilities in PostgreSQL versions used by IBM Storage Scale System and the applicable CVEs are addressed. Vulnerability Details CVEID:CVE-2023-2454 DESCRIPTION: PostgreSQL could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw i...
Security Bulletin: Multiple vulnerabilities in Python may affect the IBM Storage Scale System
Summary Multiple security vulnerabilities have been identified in IBM Storage Scale System where Python is vulnerable to denial of service. Fixes for these vulnerabilities are available. Vulnerability Details CVEID:CVE-2022-45061 DESCRIPTION: Python is vulnerable to a denial of service, caused by...
Security Bulletin: glibc vulnerability may affect IBM Storage Scale System (CVE-2023-4806)
Summary IBM Storage Scale System is shipped with GNU glibc, for which a fix is available for a security vulnerability. Vulnerability Details CVEID:CVE-2023-4806 DESCRIPTION: GNU glibc is vulnerable to a denial of service, caused by a use-after-free flaw in the getaddrinfo function. By sending a...