High Severity

Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System

Share this post:

There are security vulnerabilities in versions of Linux Kernel that are shipped with versions of IBM Elastic Storage System. A fix for these vulnerabilities is available.

CVE(s): CVE-2020-35508, CVE-2021-33909, CVE-2020-25704

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Elastic Storage System 6.1.0 – 6.1.1.2
IBM Elastic Storage System 6.0.0 – 6.0.2.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6529340
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198870
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205906
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/191348

More stories

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

May 17, 2022 | High Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more


Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

May 17, 2022 | High Severity

IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more


Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-0778)

May 17, 2022 | High Severity

OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. ...read more