Problem Note 63474: IBM Spectrum LSF 9.1.1, 9.1.2, 9.1.3, 10.1.0.3, and 10.1.0.6 contain a security vulnerability
 |  |  |  |  |  |
Severity: Medium
Description: IBM Spectrum LSF9.1.1, 9.1.2, 9.1.3, 10.1.0.3, and 10.1.0.6 could allow a local user to change the job user at job submission time due to improper file permission settings.
Potential Impact: Users could gain improper access to control files.
Click the Downloads tab in this note to access the patches for this issue.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | Base SAS | z/OS | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 |
| z/OS 64-bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft® Windows® for x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8 Enterprise 32-bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8 Enterprise x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8 Pro 32-bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8 Pro x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8.1 Enterprise 32-bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8.1 Enterprise x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8.1 Pro 32-bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 8.1 Pro x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows 10 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows Server 2012 Datacenter | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows Server 2012 R2 Datacenter | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows Server 2012 R2 Std | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows Server 2012 Std | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Microsoft Windows Server 2016 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Enterprise 32 bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Enterprise x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Home Premium 32 bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Home Premium x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Professional 32 bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Professional x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Ultimate 32 bit | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Windows 7 Ultimate x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| 64-bit Enabled AIX | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| 64-bit Enabled Solaris | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| HP-UX IPF | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Linux for x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
| Solaris for x64 | 9.4_M6 | 9.4_M6 | 9.4 TS1M6 | 9.4 TS1M6 | ||
Note: If you run Platform LSF 9.1.3, you must also install the B1A003 patch.
Note: If you run Platform LSF 10.1.0.3, you must also install the E3J001 patch.
Note: If you run Platform LSF 10.1.0.6, you must also install the E3K001 patch.
A fix for this issue for SAS Threaded Kernel Grid 9.4_M6 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/D9W.html#63474A fix for this issue for SAS Workload Orchestrator and SAS Grid Manager for Platform 9.46 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/E3Y.html#63474A fix for this issue for SAS Threaded Kernel Grid 9.4_M5 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/B5L.html#63474A fix for this issue for SAS Threaded Kernel Grid 9.4_M4 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/A5G.html#63474A fix for this issue for SAS Threaded Kernel Grid 9.4_M3 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/V72.html#63474| Type: | Problem Note |
| Priority: | medium |
| Date Modified: | 2019-02-01 09:07:27 |
| Date Created: | 2019-01-11 16:30:59 |