Lucene search

IBMF059134BB0EF11F0543CB1521608EFC4B6C64500691ABA9F113C765E340A00DD

HistorySep 06, 2024 - 3:43 p.m.

Security Bulletin: IBM DataPower Gateway vulnerable to multiple kernel CVEs

2024-09-0615:43:01

www.ibm.com

ibm datapower gateway

kernel vulnerabilities

10.5.0.12

cve-2023-2162

cve-2023-1073

cve-2023-45871

buffer overflow

memory corruption

elevated privileges

vulnerability remediation

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

JSON

Summary

IBM DataPower Gateway has addressed multiple CVEs in 10.5.0.12

Vulnerability Details

CVEID:CVE-2023-2162
**DESCRIPTION:**Linux Kernel could allow a local attacker to obtain sensitive information, caused by a use-after-free flaw in the iscsi_sw_tcp_session_create function in drivers/scsi/iscsi_tcp.c in the SCSI sub-component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain kernel internal information, and use this information to launch further attacks against the affected system.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253490 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2023-1073
**DESCRIPTION:**Linux Kernel could allow a physical authenticated attacker to gain elevated privileges on the system, caused by a memory corruption flaw in the human interface device (HID) subsystem. By using a specially crafted USB device , an attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/251322 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-45871
**DESCRIPTION:**Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by the IGB driver in drivers/net/ethernet/intel/igb/igb_main.c. By sending a specially crafted request, a remote attacker from within the local network could overflow a buffer and execute arbitrary code or cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/268717 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM DataPower Gateway 10.5.0	10.5.0.0 - 10.5.0.11

Remediation/Fixes

These CVEs have been addressed in IBM DataPower Gateway 10.5.0.12, under APAR IT46823

IBM strongly recommends addressing the vulnerability now.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmdatapower_gatewayMatch10.5.0

ibmdatapower_gatewayMatch10.6.0

VendorProductVersionCPE
ibmdatapower_gateway10.5.0cpe:2.3:a:ibm:datapower_gateway:10.5.0:*:*:*:*:*:*:*
ibmdatapower_gateway10.6.0cpe:2.3:a:ibm:datapower_gateway:10.6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	datapower_gateway	10.5.0	cpe:2.3:a:ibm:datapower_gateway:10.5.0:::::::*
ibm	datapower_gateway	10.6.0	cpe:2.3:a:ibm:datapower_gateway:10.6.0:::::::*