Security Bulletin: Vulnerabilities in kernel affect Power Hardware Management Console

Summary

Power Hardware Management Console is affected by security vulnerabilities in the Linux Kernel. Power Hardware Management Console has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2016-10229**
DESCRIPTION:** Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in udp.c. By sending specially-crafted UDP packets, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/124676 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-5828**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by the improper handling of Transactional Memory on powerpc systems. By starting a transaction, suspending it, and then calling any of the exec() class system calls, an attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114456 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-2847**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error related to the per-user limit. By filling pipes with an overly large amount of data, an attacker could exploit this vulnerability to consume an overly large amount of kernel memory resources.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111306 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-3156**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error when destroying a network. A local authenticated attacker could exploit this vulnerability using a huge number of ipv4 addresses to keep rtnl_lock for a very long time and block network related operations.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112056 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-2117**
DESCRIPTION:** Atheros Linux wireless drivers could allow a remote attacker to obtain sensitive information, caused by the failure to check scatter/gather IO. By sending a specially crafted packet, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111533 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-2053**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error in the asn1_ber_decoder function. A remote attacker could exploit this vulnerability using an ASN.1 BER file that lacks a public key to cause a denial of service.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114430 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2015-8956**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c. By using vectors involving a bind system call on a Bluetooth RFCOMM socket, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service on the system.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/118238 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L)

CVEID: CVE-2015-8845**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error when restoring machine specific registers on the power pc platform. Incorrect transactional memory state registers modify the call path on return from userspace. An attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112156 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2015-8844**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error when restoring machine specific registers T and S bits on the power pc platform. Incorrect transactional memory state registers modify the call path on return from userspace. An attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112155 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2015-8374**
DESCRIPTION:** Linux Kernel could allow a remote authenticated attacker to obtain sensitive information, caused by a information leak when truncating compressed/inlined extents on BTRFS. An attacker could exploit this vulnerability to obtain the truncated data.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/108371 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Power HMC V8.8.6.0

Remediation/Fixes

The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/&gt;

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V8.8.6.0 SP1

|

MB04103

|

MH01718

Power HMC

|

V8.8.6.0 SP2

|

MB04101

|

MH01716

Workarounds and Mitigations

None