Lucene search

K
ibmIBMA2D5180BF6B9E0CD5AEB76967D22D78D6906506D73F5340D0FBD31A0675F27FB
HistoryNov 17, 2023 - 12:13 p.m.

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libcurl vulnerabilities (CVE-2023-38546, CVE-2023-38545)

2023-11-1712:13:59
www.ibm.com
41
ibm mq operator
queue manager
libcurl vulnerabilities
cve-2023-38546
cve-2023-38545
container images
ibm-supplied
fixes

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.4%

Summary

Issues were identified in libcurl, which is packaged with the IBM MQ Queue Manager Container image. These issues are now fixed, and the fixes are shipped with the latest IBM MQ Operator and IBM-supplied MQ Advanced container images.

Vulnerability Details

CVEID:CVE-2023-38546
**DESCRIPTION:**cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw in the curl_easy_duphandle function if a transfer has cookies enabled when the handle is duplicated. By sending a specially crafted request, an attacker could exploit this vulnerability to insert cookies at will into a running program.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/268046 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-38545
**DESCRIPTION:**libcurl and cURL are vulnerable to a heap-based buffer overflow, caused by the improper handling of hostnames longer than 255 bytes during a slow SOCKS5 proxy handshake. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/268045 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM MQ Operator

**CD:**v2.4.0 - v2.4.4, v2.3.0 - 2.3.3, v2.2.0 - v2.2.2, 2.3.0 - 2.3.3

IBM supplied MQ Advanced container images|

CD: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus,
9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4, 9.3.0.3-r1, 9.3.0.4-r1, 9.3.0.4-r2, 9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3, 9.3.0.6-r1, 9.3.1.0-r1, 9.3.1.0-r2, 9.3.1.0-r3,
9.3.1.1-r1, 9.3.2.0-r1, 9.3.2.0-r2, 9.3.2.1-r1, 9.3.2.1-r2, 9.3.3.0-r1, 9.3.3.0-r2, 9.3.3.1-r1, 9.3.3.1-r2, 9.3.3.2-r1

Remediation/Fixes

Issues mentioned by this security bulletin is addressed in IBM MQ Operator v2.4.5 CD release that included IBM supplied MQ Advanced 9.3.3.2-r2 container image. IBM strongly recommends applying the latest container images.

**IBM MQ Operator 2.4.5 CD release details:

**

Image

|

Fix Version

|

Registry

|

Image Location

—|—|—|—

ibm-mq-operator

|

v2.4.5

|

icr.io

|

icr.io/cpopen/ibm-mq-operator@sha256:ac5029357a8db077217a992170b94285a30b0c19d9009ea93c504eb95a0f72e9

ibm-mqadvanced-server

|

9.3.3.2-r2

|

cp.icr.io

|

cp.icr.io/cp/ibm-mqadvanced-server@sha256:8899869d939c40a151bb6927ffbbf33a5a60dd3bbef8c4ddbdc962280c1acddb

ibm-mqadvanced-server-integration

|

9.3.3.2-r2

|

cp.icr.io

|

cp.icr.io/cp/ibm-mqadvanced-server-integration@sha256:21a08cab6d88b31dee8edb5e42189bb995630f9c95066f82256d05ab40a05517

ibm-mqadvanced-server-dev

|

9.3.3.2-r2

|

icr.io

|

icr.io/ibm-messaging/ibm-mqadvanced-server-dev@sha256:b79645ea507494e234b493d1aeacca0722970f6559193f977e85c84fa1aafc22

Workarounds and Mitigations

None

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.4%