1. Home
  2. CVE Database
  3. CVE-2020-4411
HIGH · 7.1

CVE-2020-4411

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to caus...

Vulnerability Description

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
IbmSpectrum Scale>= 4.2.0.0, <= 4.2.3.21
IbmAix-
LinuxLinux Kernel-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2020-4411?

CVE-2020-4411 is a vulnerability with a CVSS score of 7.1 (HIGH). The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to caus...

How severe is CVE-2020-4411?

CVE-2020-4411 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-4411?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Scale, Ibm Aix, Linux Linux Kernel.