CVE-2020-4492
First published: Tue Aug 04 2020(Updated: )
IBM Spectrum Scale could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Spectrum Scale | >=4.2.0.0<=4.2.3.21 | |
| IBM Spectrum Scale | >=5.0.0.0<=5.0.4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2020-4492.
What is the severity of CVE-2020-4492?
The severity of CVE-2020-4492 is medium.
How can a local attacker exploit CVE-2020-4492?
A local attacker can exploit CVE-2020-4492 by sending a subset of ioctls on the device with invalid arguments, causing a denial of service that crashes the kernel.
Which versions of IBM Spectrum Scale are affected by CVE-2020-4492?
IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 are affected by CVE-2020-4492.
How can I fix the vulnerability CVE-2020-4492?
To fix CVE-2020-4492, it is recommended to apply the latest updates or patches provided by IBM.
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- vendor/ibm
- canonical/ibm spectrum scale
- version/ibm spectrum scale/4.2.0.0
- version/ibm spectrum scale/4.2.3.21
- version/ibm spectrum scale/5.0.0.0
- version/ibm spectrum scale/5.0.4.3