Security Bulletin: Multiple vulnerabilities affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows

Summary

Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows have addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2015-9261 DESCRIPTION: BusyBox is vulnerable to a denial of service, caused by a flaw in the huft_build in archival/libarchive/decompress_gunzip.c. By persuading a victim to open a specially-crafted ZIP file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147643&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-18208 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the madvise_willneed function in mm/madvise.c. By triggering use of MADVISE_WILLNEED for a DAX mapping, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139764&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-18075 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a mishandling of freeing instances by crypto/pcrypt.c. By executing a specially-crafted sequence of system calls, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138237&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-18216 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in fs/ocfs2/cluster/nodemanager.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139923&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-18203 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the dm_get_from_kobject function in drivers/md/dm.c. By leveraging a race condition with __dm_destroy during creation and removal of DM devices, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139759&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-15116 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by NULL pointer dereference in the rngapi_reset function in crypto/rng.c. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135735&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-16994 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by a flaw in the walk_hugetlb_range function in mm/pagewalk.c. By using a specially-crafted system call, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135497&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-8779 DESCRIPTION: rpcbind, LIBTIRPC, and NTIRPC are vulnerable to a denial of service, caused by improper validation of XDR strings in memory allocation. By sending a specially-crafted UDP packet, a remote attacker could exploit this vulnerability to cause memory consumption.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/125753&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-14140 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper validation of effective uid of the target process in the move_pages system call in mm/migrate.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to learn the memory layout of a setuid executable despite ASLR.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/131413&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-18310 DESCRIPTION: elfutils is vulnerable to a denial of service, caused by an invalid memory address dereference in dwfl_segment_report_module.c in libdwfl. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151273&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-18521 DESCRIPTION: elfutils is vulnerable to a denial of service, caused by a divide-by-zero flaw in the function arlib_add_symbols() in arlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151750&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-18520 DESCRIPTION: elfutils is vulnerable to a denial of service, caused by an invalid memory address dereference exists in the function elf_end in libelf. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151751&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-16402 DESCRIPTION: elfutils is vulnerable to a denial of service, caused by a double free in the libelf/elf_end.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149340&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-16403 DESCRIPTION: elfutils is vulnerable to a denial of service, caused by a heap-based buffer overflow in the dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149339&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-16062 DESCRIPTION: Elfutils is vulnerable to a denial of service, caused by a heap-based buffer over-read in /elfutils/libdw/dwarf_getaranges.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149133&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-7995 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a race condition in the store_int_with_restart function in arch/x86/kernel/cpu/mcheck/mce.c. By leveraging root access to write to the check_interval file, a local attacker could exploit this vulnerability to cause the system to panic.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140100&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-6927 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the futex_requeue function in kernel/futex.c. By triggering a negative wake or requeue value, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139067&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-1066 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() function. An attacker controlling a CIFS server could exploit this vulnerability to cause a kernel panic.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139836&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-5333 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an rds_atomic_free_op NULL pointer dereference in the rds_cmsg_atomic function in net/rds/rdma.c. A local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137567&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-5332 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a heap-based out-of-bounds write in the rds_rdma_extra_size function in net/rds/rdma.c. A local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137569&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-5344 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the drivers/block/loop.c. A local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137649&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

The following products used with Intel Xeon Phi PCI-Express cards (Intel Xeon Phi 3120A, Intel Xeon Phi 5110P, Intel Xeon Phi 7120A, and Intel Xeon Phi 7210P) on the System x systems:

• iDataPlex dx360 M4
• NeXtScale nx360 M4
• PureFlex x220 M4 / x240 M4 / x240 M5
• x3850 X6 / x3950 X6

Product

|

Affected Version

—|—

Intel® Manycore Platform Software Stack (MPSS) for Linux & Windows

|

3.8

Remediation/Fixes

IBM recommends that you update the affected versions of Intel MPSS that are used with Intel Xeon Phi cards supported in IBM System x Servers to MPSS version 3.8.5 or later.

Instructions on how to download and apply the update are available at: https://software.intel.com/en-us/articles/intel-manycore-platform-software-stack-mpss

Product

|

Fixed Version

—|—

Intel® Manycore Platform Software Stack (MPSS) for Linux & Windows

|

3.8.5

Workarounds and Mitigations

None