Lucene search

IBM5E756A67F0C2DDA6EB47FC4CAAE455EF5AFEC21E3D823C7BB3CF665C87676374

HistorySep 17, 2024 - 9:36 p.m.

Security Bulletin: IBM DataPower Gateway vulnerable to physical attacks and DoS.

2024-09-1721:36:28

www.ibm.com

ibm datapower gateway

physical attacks

dos

linux kernel

usb device

elevated privileges

denial of service

cve-2023-1073

cve-2023-1079

cve-2023-1206

cve-2023-4132

it46687

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

JSON

Summary

CVE-2023-1073, CVE-2023-1079, CVE-2023-4132 require physical access to the appliance with malicious USB device. CVE-2023-1206 can allow an attacker with a high bandwidth connection to consume excessive CPU resources.

Vulnerability Details

CVEID:CVE-2023-1073
**DESCRIPTION:**Linux Kernel could allow a physical authenticated attacker to gain elevated privileges on the system, caused by a memory corruption flaw in the human interface device (HID) subsystem. By using a specially crafted USB device , an attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/251322 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-1079
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw flaw in the asus_kbd_backlight_set function. By using a specially-crafted USB device, a physical attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 4.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/248808 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-1206
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a flaw in the IPv6 connection lookup table. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the CPU usage to increase, and results in a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/259617 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-4132
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the siano smsusb module. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262540 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM DataPower Gateway 10.5.0	10.5.0.0 - 10.5.0.12
IBM DataPower Gateway 10.6.0	10.6.0.0

Remediation/Fixes

Affected Product	Fixed in version	APAR
IBM DataPower Gateway 10.5.0	10.5.0.13	IT46687
IBM DataPower Gateway 10.6.0	10.6.0.1, 10.6.1	IT46687

IBM strongly recommends addressing the vulnerability now.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmdatapower_gatewayMatch10.5.0

ibmdatapower_gatewayMatch10.6.0

VendorProductVersionCPE
ibmdatapower_gateway10.5.0cpe:2.3:a:ibm:datapower_gateway:10.5.0:*:*:*:*:*:*:*
ibmdatapower_gateway10.6.0cpe:2.3:a:ibm:datapower_gateway:10.6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	datapower_gateway	10.5.0	cpe:2.3:a:ibm:datapower_gateway:10.5.0:::::::*
ibm	datapower_gateway	10.6.0	cpe:2.3:a:ibm:datapower_gateway:10.6.0:::::::*