CVE-2017-1304 is a vulnerability in IBM Elastic Storage Server
Published on June 21, 2017
IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server (ESS)/GPFS Storage Server (GSS) during testing of an unsupported configuration, where users applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a write to a Spectrum Scale file. This vulnerability may result in the use of an incorrect memory address, leading to a Spectrum Scale/GPFS daemon failure with a Signal 11, and possibly leading to denial of service or undetected data corruption. IBM X-Force ID: 125458.
Products Associated with CVE-2017-1304
Want to know whenever a new CVE is published for IBM Elastic Storage Server? stack.watch will email you.
Affected Versions
IBM Elastic Storage Server:- Version 2.0 is affected.
- Version 2.5 is affected.
- Version 3.0 is affected.
- Version 3.5 is affected.
- Version 4.0 is affected.
- Version 4.5 is affected.
- Version 5.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.