IBM37A8EA79DB0196D216B0D013B92E7DAD84ADF24BB48ABABFFEE092ACB6E91917Security Bulletin: Multiple vulnerabilities in the GNU C Library (glibc) affect PowerKVM
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Summary
PowerKVM is affected by several vulnerabilities in GNU glibc. These vulnerabilities are now fixed.
Vulnerability Details
CVEID: CVE-2015-7547**
DESCRIPTION:** GNU C Library (glibc) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nss_dns backend for the getaddrinfo() function when performing dual A/AAAA DNS queries. By sending a specially crafted DNS response, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 8.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110662 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2013-7423**
DESCRIPTION:** GNU glibc could allow a local attacker to obtain sensitive information, caused by the writing of DNS queries to random file descriptors under high load by the getaddrinfo() function. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 1.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/100647 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:H/Au:N/C:P/I:N/A:N)
CVEID: CVE-2015-1472**
DESCRIPTION:** GNU glibc is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by stdio-common/vfscanf.c. By sending an overly long string, a local attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS Base Score: 4.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/100635 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-1473**
DESCRIPTION:** GNU glibc is vulnerable to a denial of service, caused by a stack-based buffer overflow in stdio-common/vfscanf.c. A remote attacker could exploit this vulnerability to trigger a failed alloca and cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/100636 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVEID: CVE-2015-1781**
DESCRIPTION:** GNU C Library (glibc) is vulnerable to a buffer overflow, caused by improper bounds checking by the gethostbyname_r() and other related functions. By sending a specially-crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system elevated privileges or cause the application to crash.
CVSS Base Score: 5.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/102500 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-5229**
DESCRIPTION:** GNU C Library (glibc) is vulnerable to a denial of service, caused by the return of memory areas containing non-zero bytes by the calloc implementation. A remote attacker could exploit this vulnerability to cause the application to crash or hang.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110711 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2015-5277**
DESCRIPTION:** GNU C Library (glibc) could allow a local attacker to gain elevated privileges on the system, caused by a heap corruption error in the nss_files backend for the Name Service Switch. An attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/108484 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Affected Products and Versions
PowerKVM 2.1 and PowerKVM 3.1
Remediation/Fixes
Customers can update PowerKVM systems by using “yum update”.
Fix images are made available via Fix Central. For version 3.1, see https://ibm.biz/BdHggw for 3.1 service build 3 or later.
For version 2.1, the fix is made available via Fix Central (https://ibm.biz/BdEnT8) in 2.1.1 Build 65.6 and all later 2.1.1 SP3 service builds and 2.1.1 service packs. Customers running v2.1 are, in any case, encouraged to upgrade to v3.1.
For v2.1 systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions.
Workarounds and Mitigations
None
Related
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P