IBM72A14F3E1A05E87987247C3A94DA37A971910E734C842EA2FD4E32CE8B24FCF5Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
Summary
IBM QRadar Network Security has addressed the following Linux kernel vulnerabilities.
Vulnerability Details
CVEID:CVE-2017-15649
**DESCRIPTION:*Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free in net/packet/af_packet.c. By using specially-crafted system calls, an authenticated attacker could exploit this vulnerability to gain elevated privileges on the system.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133861> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2017-12193
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the assoc_array implementation. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134628> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2017-12192
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the Key Management sub component. By issuing a KEYTCL_READ on negative key, a local attacker could exploit this vulnerability to cause the kernel to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133523> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2017-7472
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by the leaking of a thread keyring by the keyctl_set_reqkey_keyring(). A local authenticated attacker could exploit this vulnerability to exhaust all available kernel memory.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/125573> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2015-8539
**DESCRIPTION:*Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by an error in key management code. An attacker could exploit this vulnerability to gain elevated privileges on the system or cause the machine to crash.
CVSS Base Score: 8.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109142> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2017-1000380
**DESCRIPTION:*Linux Kernel could allow a local attacker to obtain sensitive information, caused by a flaw in the sound/core/timer.c. A local attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130294> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID:CVE-2017-7558
**DESCRIPTION:*Linux Kernel could allow a local attacker to obtain sensitive information, caused by flaws in the inet_diag_msg_sctpaddrs_fill, inet_diag_msg_sctpladdrs_fill and sctp_get_sctp_info functions. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130875> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2017-7542
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by integer overflow in ip6_find_1stfragopt function in net/ipv6/output_core.c. By leveraging the ability to open a raw socket, a local attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129328> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2017-7541
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a buffer overflow in the brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. By using a specially- a crafted NL80211_CMD_FRAME Netlink packet, a local attacker could exploit this vulnerability to cause the system to crash or or possibly gain privileges.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129314> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2017-7184
**DESCRIPTION:*Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by heap-based out-of-bounds access. An attacker could exploit this vulnerability to gain root privileges or cause a denial of service.
CVSS Base Score: 8.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/123470> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2017-14106
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a divide-by-zero flaw in the tcp_disconnect function in net/ipv4/tcp.c. By triggering a disconnect within a certain tcp_recvmsg code path, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/131363> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2017-11176
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a sock pointer not set to NULL in the mq_notify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 9.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129055> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2017-1000112
**DESCRIPTION:*Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a memory corruption when switching from UFO to non-UFO path. By sending specially crafted UFO packets, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130408> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2017-1000111
**DESCRIPTION:*Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the packet_set_ring function. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130243> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2016-8399
**DESCRIPTION:*Google Android could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the kernel networking subsystem. By persuading a victim to install a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code within the context of a privileged process.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/121227> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Affected Products and Versions
IBM QRadar Network Security 5.4.0
Remediation/Fixes
| Product | VRMF | Remediation/First Fix |
|---|---|---|
| IBM QRadar Network Security | Firmware version 5.4.0 | Install Firmware 5.4.0.5 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. |
| Or | ||
| Download Firmware 5.4.0.5 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface. |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm qradar network security | eq | 5.4.0 |
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C