CVE-2017-1304: Buffer Overflow

First published: Wed Jun 21 2017(Updated: )

IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server (ESS)/GPFS Storage Server (GSS) during testing of an unsupported configuration, where users applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a write to a Spectrum Scale file. This vulnerability may result in the use of an incorrect memory address, leading to a Spectrum Scale/GPFS daemon failure with a Signal 11, and possibly leading to denial of service or undetected data corruption. IBM X-Force ID: 125458.

Credit: psirt@us.ibm.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/references
• agent/severity
• agent/author
• agent/type
• agent/event
• agent/weakness
• agent/description
• agent/last-modified-date
• agent/softwarecombine
• agent/first-publish-date
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/ibm
• canonical/ibm elastic storage server
• version/ibm elastic storage server/2.0.0
• version/ibm elastic storage server/2.5.0
• version/ibm elastic storage server/2.5.5
• version/ibm elastic storage server/3.0.0
• version/ibm elastic storage server/3.0.5
• version/ibm elastic storage server/3.5.0
• version/ibm elastic storage server/3.5.6
• version/ibm elastic storage server/4.0.0
• version/ibm elastic storage server/4.0.6
• version/ibm elastic storage server/4.5.0
• version/ibm elastic storage server/4.6.0
• version/ibm elastic storage server/5.0.0
• version/ibm elastic storage server/5.0.1