Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMEDC4C5C80C00EE4AC9AA2C2F8FC5CF316B401A50DA42A577EE4FA380D4A47809
HistoryDec 03, 2018 - 2:30 p.m.

Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities

2018-12-0314:30:01
www.ibm.com
42

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.

Vulnerability Details

CVEID: CVE-2017-16939
**Description:**Linux Kernel could allow a remote attacker to gain elevated privileges on the system, caused by an use-after-free in the Netlink socket subsystem XFRM. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain privileges.
**CVSS Base Score:**9.80
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135317&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2018-1000199
**Description:**Linux Kernel is vulnerable to a denial of service, caused by a ptrace() error handling flaw. By invoking the modify_user_hw_breakpoint() function, a local attacker could exploit this vulnerability to cause the kernel to crash.
**CVSS Base Score:**6.20
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142654&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-10675
**Description:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the do_get_mempolicy function in mm/mempolicy.c. By using specially crafted system calls, a local attacker could exploit this vulnerability to cause a denial of service.
**CVSS Base Score:**6.20
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142895&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-1068
**Description:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the implementation of 32 bit syscall interface. An attacker could exploit this vulnerability to gain root privileges on the system.
**CVSS Base Score:**8.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140403&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2018-1087
**Description:**Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of exceptions delivered after a stack switch operation using the MOV to SS and POP SS instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges or cause the guest to crash.
**CVSS Base Score:**8.40
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142976&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2018-1091
**Description:**Linux Kernel is vulnerable to a denial of service, caused by a missing processor feature check in the flush_tmregs_to_thread function. A local attacker could exploit this vulnerability to cause the guest kernel to crash.
**CVSS Base Score:**6.20
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140892&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-3620
**Description:**Multiple Intel CPU’s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. Note: This vulnerability is also known as the “L1 Terminal Fault (L1TF)” or “Foreshadow” attack.
**CVSS Base Score:**7.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148318&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2018-3646
**Description:**Multiple Intel CPU’s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker with guest OS privilege could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts.
**CVSS Base Score:**7.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148319&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2018-3665
**Description:**Intel Core-based microprocessors could allow a local attacker to obtain sensitive information, caused by utilizing the Lazy FP state restore technique for floating point state when context switching between application processes. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to determine register values of other processes. Note: This vulnerability is known as LazyFP.
**CVSS Base Score:**4.30
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144757&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CVEID: CVE-2018-3693
**Description:**Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a bounds check bypass in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to cross the syscall boundary and read data from the CPU virtual memory.
**CVSS Base Score:**7.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146191&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2018-5390
**Description:**Linux Kernel is vulnerable to a denial of service, caused by an error in the tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions. By sending specially crafted packets within ongoing TCP sessions, a remote attacker could exploit this vulnerability to cause a denial of service.
**CVSS Base Score:**7.50
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147950&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-7566
**Description:**Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by user-supplied input. By using an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system.
**CVSS Base Score:**7.80
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141112&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2018-8897
**Description:**Multiple operating systems could allow a local authenticated attacker to gain elevated privileges on the system, caused by developer interpretation of hardware debug exception documentation for the MOV to SS and POP SS instructions. An attacker could exploit this vulnerability using operating system APIs to obtain sensitive memory information or control low-level operating system functions and other unexpected behavior.
**CVSS Base Score:**7.00
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142242&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products and Versions

IBM QRadar SIEM 7.3.0 to 7.3.1 Patch 6

Remediation/Fixes

QRadar / QRM / QVM / QRIF / QNI 7.3.1 Patch 7

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security qradar siemeq7.3

Related

redhat 21
centos 4
openvas 37
nessus 83
oraclelinux 8
virtuozzo 5
amazon 2
ubuntu 9
cloudfoundry 2
ibm 4
osv 3
redhatcve 2
fedora 2
freebsd 1
xen 1
debian 6
freebsd_advisory 1
suse 8
redhat
redhat
(RHSA-2018:1318) Important: kernel security, bug fix, and enhancement update
2018-05-08 17:15:15
(RHSA-2018:1355) Important: kernel-rt security and bug fix update
2018-05-08 22:00:35
(RHSA-2018:2395) Important: kernel-rt security and bug fix update
2018-08-14 19:27:20
centos
centos
kernel, perf, python security update
2018-05-30 18:29:24
kernel, perf, python security update
2018-08-15 03:59:04
kernel, perf, python security update
2018-08-15 01:59:55
openvas
openvas
CentOS Update for kernel CESA-2018:1318 centos7
2018-06-05 00:00:00
CentOS Update for kernel CESA-2018:2384 centos7
2018-08-15 00:00:00
Ubuntu: Security Advisory (USN-3641-2)
2022-08-26 00:00:00
nessus
nessus
Oracle Linux 7 : kernel (ELSA-2018-1318)
2018-05-10 00:00:00
RHEL 7 : kernel (RHSA-2018:1318)
2018-05-09 00:00:00
CentOS 7 : kernel (CESA-2018:1318)
2018-05-31 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2018-05-09 00:00:00
kernel security and bug fix update
2018-08-14 00:00:00
kernel security update
2018-05-22 00:00:00
virtuozzo
virtuozzo
Important kernel security update: CVE-2018-3620 and other issues; new kernel 3.10.0-862.11.6.vz7.64.7; Virtuozzo 7.0 Update 8 Hotfix 1 (7.0.8-507)
2018-08-30 00:00:00
Important kernel security update: CVE-2018-3620 and other issues; new kernel 2.6.32-042stab133.1; Virtuozzo 6.0 Update 12 Hotfix 30 (6.0.12-3713)
2018-08-20 00:00:00
Important kernel security update: CVE-2018-3620 and other issues; new kernel 2.6.32-042stab133.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2018-08-20 00:00:00
amazon
amazon
Important: kernel
2018-05-24 18:14:00
Important: kernel
2018-05-25 18:12:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2018-05-08 00:00:00
Linux kernel vulnerabilities
2018-05-08 00:00:00
Linux kernel regressions
2018-08-17 00:00:00
cloudfoundry
cloudfoundry
USN-3641-1: Linux kernel vulnerabilities | Cloud Foundry
2018-06-05 00:00:00
USN-3741-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-08-17 00:00:00
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801q
2018-10-10 21:05:01
Security Bulletin: IBM Security Guardium is affected by a Foreshadow Spectre Variant vulnerability
2019-02-07 19:55:01
Security Bulletin: L1TF - L1 Terminal Fault Attack affect IBM Netezza Host Management
2019-10-18 03:36:34
osv
osv
linux - security update
2018-05-08 00:00:00
linux-4.9 - security update
2018-08-28 00:00:00
linux - security update
2018-08-20 00:00:00
redhatcve
redhatcve
CVE-2018-1087
2020-04-08 20:05:13
CVE-2018-3646
2021-01-24 22:39:20
fedora
fedora
[SECURITY] Fedora 28 Update: kernel-headers-4.17.14-3.fc28
2018-08-16 08:08:45
[SECURITY] Fedora 27 Update: kernel-headers-4.17.14-3.fc27
2018-08-16 07:24:56
freebsd
freebsd
FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure
2018-08-14 00:00:00
xen
xen
L1 Terminal Fault speculative side channel
2018-08-14 17:15:00
debian
debian
[SECURITY] [DLA 1481-1] linux-4.9 security update
2018-08-28 17:10:51
[SECURITY] [DSA 4279-1] linux security update
2018-08-20 11:44:32
[SECURITY] [DSA 4274-1] xen security update
2018-08-16 20:47:43
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:09.l1tf
2018-08-14 00:00:00
suse
suse
Security update for the Linux Kernel (Live Patch 31 for SLE 12) (important)
2018-04-20 15:33:13
Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP3) (important)
2018-04-20 15:16:43
Security update for the Linux Kernel (important)
2018-05-09 00:07:18

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON
Related for EDC4C5C80C00EE4AC9AA2C2F8FC5CF316B401A50DA42A577EE4FA380D4A47809
redhat21centos4openvas37nessus83oraclelinux8virtuozzo5amazon2ubuntu9cloudfoundry2ibm4osv3redhatcve2fedora2freebsd1xen1debian6freebsd_advisory1suse8