IBMDCF0785A8E04DB6808EC923041C1F99827C730DBA6770E63D5DA25D354F764EESecurity Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
Summary
PowerKVM is affected by nine vulnerabilities in the Linux kernel. These vulnerabilities are now fixed.
Vulnerability Details
CVEID: CVE-2014-9729**
DESCRIPTION:** Linux Kernel, built with the UDF file system(CONFIG_UDF_FS) support, is vulnerable to a denial of service, caused by the failure to verify component length of a symlink. By reading data from a specially crafted udf file system image, an attacker could exploit this vulnerability to cause the kernel to crash.
CVSS Base Score: 4.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103616 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
CVEID: CVE-2014-9730**
DESCRIPTION:** Linux Kernel, built with the UDF file system(CONFIG_UDF_FS) support, is vulnerable to a denial of service, caused by the failure to verify symlink size prior to loading it. By reading data from a specially crafted udf file system image, an attacker could exploit this vulnerability to cause the kernel to crash.
CVSS Base Score: 4.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103617 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
CVEID: CVE-2014-9731**
DESCRIPTION:** Linux Kernel, built with the UDF file system(CONFIG_UDF_FS) support, could allow a local attacker to obtain sensitive information. By reading symlink information from a specially crafted udf file system image, an attacker could exploit this vulnerability to leak kernel memory bytes and obtain sensitive information.
CVSS Base Score: 4.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103581 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
CVEID: CVE-2015-3212**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a race condition in the automatic list handling of dynamic multi-homed SCTP connections using Address Configuration Change messages. A local attacker could exploit this vulnerability to cause the kernel to panic.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/105270 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2015-3636**
DESCRIPTION:** Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the failure to properly handle socket unhashing during spurious disconnects by the ping socket implementation. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CVSS Base Score: 6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/102873 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:H/Au:S/C:C/I:C/A:C)
CVEID: CVE-2015-4036**
DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error in the configfs interface within the vhost/scsi driver. An attacker could exploit this vulnerability to corrupt memory or panic the system.
CVSS Base Score: 4.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103401 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVEID: CVE-2015-4167**
DESCRIPTION:** Linux Kernel, built with the UDF file system(CONFIG_UDF_FS) support, is vulnerable to a denial of service. By collecting node information from a specially crafted udf file system image, an attacker could exploit this vulnerability to cause a kernel OOPS.
CVSS Base Score: 4.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103593 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
CVEID: CVE-2015-5697**
DESCRIPTION:** Linux Kernel could allow a local attacker to obtain sensitive information, caused by a leak in the md driver. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/105221 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2015-5706**
DESCRIPTION:** Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free in the path_openat() function. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/105236 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Affected Products and Versions
PowerKVM 2.1
Remediation/Fixes
Fix is made available via Fix Central (https://ibm.biz/BdEnT8) in 2.1.1 Build 65.1 and all later 2.1.1 SP3 service builds and 2.1.1 fix packs. For systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions. Customers can also update from 2.1.1 (GA and later levels) by using “yum update”.
Workarounds and Mitigations
None
Related
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C