IBMB599429672D35F0898136CCC25113D8FA5E242634C8CEB73C87851525F0DA4BBSecurity Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Summary
There are multiple security vulnerabilities in the Linux Kernel that affect IBM Spectrum Protect Plus.
Vulnerability Details
CVEID:CVE-2019-19532
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by multiple out-of-bound write conditions in HID drivers.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172610 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
CVEID:CVE-2019-19529
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/net/can/usb/mcba_usb.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172526 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-19530
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/usb/class/cdc-acm.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172527 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-19526
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/nfc/pn533/usb.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172523 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-19531
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/usb/misc/yurex.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172528 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-19524
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/input/ff-memless.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172521 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-19537
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition in drivers/usb/core/file.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause the system to stop responding.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172608 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-19527
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/hid/usbhid/hiddev.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172524 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18811
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the sof_set_get_large_ctrl_data function in sound/soc/sof/ipc.c. By triggering sof_get_ctrl_copy_params() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171184 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18810
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the komeda_wb_connector_add function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c. By triggering drm_writeback_connector_init() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171183 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18813
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the dwc3_pci_probe function in drivers/usb/dwc3/dwc3-pci.c. By triggering platform_device_add_properties() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171186 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18812
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the sof_dfsentry_write function in sound/soc/sof/debug.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171185 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18808
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the ccp_run_sha_cmd function in drivers/crypto/ccp/ccp-ops.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171181 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18807
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by two memory leaks in the sja1105_static_config_upload function in drivers/net/dsa/sja1105/sja1105_spi.c. By triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171180 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18809
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the af9005_identify_state function in drivers/media/usb/dvb-usb/af9005.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171182 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18814
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the aa_audit_rule_init function in security/apparmor/audit.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171187 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-18806
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the ql_alloc_large_buffers function in drivers/net/ethernet/qlogic/qla3xxx.c. By triggering pci_dma_mapping_error() failures, a local authenticated attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171179 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2020-8428
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in may_create_in_sticky. By executing a specially-crafted program, a local attacker could exploit this vulnerability to cause the system to crash, or possibly leak information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175359 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H)
CVEID:CVE-2019-16714
**DESCRIPTION:**Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the failure to initialize the tos and flags fields in the rds6_inc_info_copy function in net/rds/recv.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information from the kernel stack memory.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167373 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2019-10639
**DESCRIPTION:**Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the use of a weak function to generate IP packet IDs. By sniffing the network, an attacker could exploit this vulnerability to obtain hash collisions information to derive the hashing key.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167414 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2019-15538
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a flaw in xfs_setattr_nonsize in fs/xfs/xfs_iops.c. By sending a specially-crafted system call, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165865 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:CVE-2019-18198
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a reference count usage error in the fib6_rule_suppress function in the fib6 suppression feature of net/ipv6/fib6_rules.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to corrupt the memory resulting in a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/169685 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-15505
**DESCRIPTION:**Linux Kernel could allow a physical attacker to obtain sensitive information, caused by an out-of-bounds read flaw in technisat-usb2.c. By using a specially-crafted USB device, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165745 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVEID:CVE-2019-15504
**DESCRIPTION:**Linux Kernel could allow a physical attacker to execute arbitrary code on the system, caused by a double free flaw in rsi_91x_usb.c. By using a specially-crafted USB device, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165744 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2019-15902
**DESCRIPTION:**Linux Kernel could provide weaker than expected security, caused by a backporting error. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/166561 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2019-19602
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory corruption in fpregs_state_valid in arch/x86/include/asm/fpu/internal.h. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172692 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:CVE-2019-14898
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition in between mmget_not_zero()/get_task_mm() and core dumping. By using a specially-crafted system call, a local authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive information.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175727 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H)
CVEID:CVE-2019-18282
**DESCRIPTION:**Linux Kernel could allow a local attacker to obtain sensitive information, caused by a device tracking vulnerability in flow_dissector feature. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174716 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Plus | 10.1.0-10.1.5 |
Remediation/Fixes
| Spectrum Protect Plus Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 10.1 | 10.1.5 patch1 | Linux | <http://www.ibm.com/support/docview.wss?uid=ibm11072392> |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm spectrum protect plus | eq | 10.1 |
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C