IBM Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected by the use of Local Read Only Cache (LROC) which may result in directory corruption and undetected data corruption in regular files.
The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale. After cached data is moved from memory to the LROC device, any change to that data should trigger invalidation of the copy stored in LROC. Due to a problem with the invalidation logic, this invalidation can be skipped. This could lead to stale or incorrect data being recalled from LROC, with the potential for corruption of files and directories.
CVE(s): CVE-2018-1993
Affected product(s) and affected version(s):
The Elastic Storage Server 5.3 through 5.3.1.1
The Elastic Storage Server 5.0.0 through 5.2.4
The Elastic Storage Server 4.5.0 through 4.6.0
The Elastic Storage Server 4.0.0 through 4.0.6
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10794443
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/154440
from IBM Product Security Incident Response Team https://ibm.co/2MPpTke