CVE-2016-9868

EUVD-2016-10659
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
emcscaleio
𝑥
≤ 2.0.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/archive/1/539983/30/0/threaded
http://www.securityfocus.com/bid/95301
http://www.securityfocus.com/archive/1/539983/30/0/threaded
http://www.securityfocus.com/bid/95301