Community
IBM Community Home
AIOps & Management
Business Analytics
Business Automation
Cloud Pak for Data
Data Science
DataOps
Hybrid Data Management
IBM Japan
IBM Z & LinuxONE
Integration
Internet of Things
Power Systems
Public Cloud
Network Automation
Security
Storage
Supply Chain
Watson Apps
WebSphere, Liberty & DevOps
Log in
Announcements
Blogs
Groups
Discussions
Events
Glossary
Site Content
Libraries
on this day
between these dates
Posted by
Announcements
Blogs
Groups
Discussions
Events
Glossary
Site Content
Libraries
on this day
between these dates
Posted by
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Hybrid Data Management
Topic groups
HDM Global
Db2 (On Premises and Cloud)
Db2 Analytics Accelerator for z/OS
Db2 for z/OS
Db2 Tools for z/OS
IBM Data Virtualization Manager for z/OS
IBM Query Management Facility (QMF)
Informix
Integrated Analytics Systems
Netezza Performance Server
Open Source Offerings
User groups
Events
Upcoming Hybrid Data Management Events
On Demand Webinars
IBM Expert TV
Virtual Community Events
All IBM Community Events
Participate
Post to Forum
Share a Resource
Blogging on the Community
Connect with Hybrid Data Management Users
All IBM Community Users
Resources
Community Front Porch
IBM Support
IBM Cloud Support
IBM Champions
Marketplace
Marketplace
IBM Hybrid Data Management Community
Connect with Db2, Informix, Netezza, open source, and other data experts to gain value
from your data, share insights, and solve problems
Join / Log in
Skip main navigation (Press Enter).
Toggle navigation
Content types
Announcements
Blogs
Groups
Discussions
Events
Glossary
Site Content
Libraries
Date range
on this day
between these dates
Posted by
User Groups
User Group Tag Test
Open Source Offerings
View Only
Group Home
Discussion
13
Library
42
Blogs
16
Events
0
Members
291
Technical Service Bulletin 2021-434 (TSB), repost from Cloudera
0
Recommend
Tue January 19, 2021 11:43 AM
Lynn Chou
Technical Service Bulletin 2021-434 (TSB)
Load Balancing Provider Fails to invalidate Cache on Key Delete
The KMS Load balancing Provider has not been correctly invalidating the cache on key delete operations. The failure to invalidate the cache on key delete operations can result in the possibility that data can be leaked from the framework for a short period of time based on the value of the hadoop.kms.current.key.cache.timeout.ms property. Its default value is 30,000ms. When the KMS is deployed in an HA pattern the KMSLoadBalancingProvider class will only send the delete operation to one KMS role instance in a round-robin fashion. The code lacks a call to invalidate the cache across all instances and can leave key information including the metadata and key stored (the deleted key) in the cache on one or more KMS instances up to the key cache timeout.
Jiras:
HADOOP-17208
HADOOP-17304
Products affected:
CDH
HDP
CDP
Releases affected:
CDH 5.x
CDH 6.x
CDP 7.0.x
CDP 7.1.4 and earlier
HDP 2.6 and later
Users affected:
Customers with Data-at-rest encryption enabled that have more than 1 kms role instance and the services Key Cache enabled.
Impact:
Key Meta-data and Key material may remain active within the service cache.
Severity:
Medium
Action required:
CDH customers: Upgrade to CDP 7.1.5 or request a patch
HDP customers: Request a patch
#Cloudera
#opensource
#Database
#Hadoop
#Hadoop
Statistics
0 Favorited
8 Views
0 Files
0 Shares
0 Downloads
Hybrid Data Management
Topic groups
HDM Global
Db2 (On Premises and Cloud)
Db2 Analytics Accelerator for z/OS
Db2 for z/OS
Db2 Tools for z/OS
IBM Data Virtualization Manager for z/OS
IBM Query Management Facility (QMF)
Informix
Integrated Analytics Systems
Netezza Performance Server
Open Source Offerings
User groups
Events
Upcoming Hybrid Data Management Events
On Demand Webinars
IBM Expert TV
Virtual Community Events
All IBM Community Events
Participate
Post to Forum
Share a Resource
Blogging on the Community
Connect with Hybrid Data Management Users
All IBM Community Users
Resources
Community Front Porch
IBM Support
IBM Cloud Support
IBM Champions
Marketplace
Marketplace
Copyright © 2020 IBM Data Science Community. All rights reserved.
Powered by Higher Logic