Security Bulletin: IBM Security Access Manager Appliance is affected by multiple kernel vulnerabilities

Summary

IBM Security Access Manager Appliance has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2016-10142 DESCRIPTION: The IETF IPv6 protocol is vulnerable to a denial of service. By leveraging the generation of IPv6 atomic fragments and using the fragments in an arbitrary IPv6 flow, a remote attacker could exploit this vulnerability to perform any type of a fragmentation-based attack against legacy IPv6 nodes and trigger a kernel panic.
CVSS Base Score: 8.6
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/124080&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

CVEID: CVE-2017-11176 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a sock pointer not set to NULL in the mq_notify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 9.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129055&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2015-3331 DESCRIPTION: Linux Kernel, built with the Intel AES-NI instructions for AES algorithm support (CONFIG_CRYPTO_AES_NI_INTEL), is vulnerable to a buffer overflow, caused by improper bounds checking by the RFC4106 GCM mode decryption functionality. By sending fragmented packets using the Intel AES-NI instruction, a remote attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103483&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2014-2523 DESCRIPTION: Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by an error in the /netfilter/nf_conntrack_proto_dccp.c file. By sending a specially-crafted DCCP packet, an attacker could exploit this vulnerability to corrupt kernel stack memory and execute arbitrary code on the system with kernel privileges.
CVSS Base Score: 10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91910&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Affected Products and Versions

Affected IBM Security Access Manager Appliance

|

Affected Versions

—|—
IBM Security Access Manager for Web | 7.0 - 7.0.0.33
IBM Security Access Manager for Web | 8.0 - 8.0.1.7
IBM Security Access Manager for Mobile | 8.0 - 8.0.1.7

Remediation/Fixes

| VRMF |APAR|Remediation
—|—|—|—
IBM Security Access Manager for Web | 7.0 - 7.0.0.34 (appliance) | IJ08617 | Apply Interim Fix 35:
7.0.0-ISS-WGA-IF0035
IBM Security Access Manager for Web | 8.0.0.0 -
8.0.1.7 | IJ08672 |

Upgrade to 8.0.1.8:
8.0.1-ISS-WGA-FP0008_ _

IBM Security Access Manager for Mobile | 8.0.0.0 -
8.0.1.7 | IJ08578 |

Upgrade to 8.0.1.8:
8.0.1-ISS-ISAM-FP0008

Workarounds and Mitigations

None.