Security Bulletin: Vulnerabilities in openjpeg affect PowerKVM

Summary

PowerKVM is affected by vulnerabilities in openjpeg. IBM has now addressed these vulnerabilities.

Vulnerability Details

CVEID: CVE-2016-5139**
DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by pdfium. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115759 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-5158**
DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by PDFium. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116533 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-5159**
DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by PDFium. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116534 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-7163**
DESCRIPTION:** OpenJPEG could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the opj_pi_create_decode function in pi.c. By persuading a victim to open a specially crafted JP2 file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/117141 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-9573**
DESCRIPTION:** OpenJPEG is vulnerable to a denial of service, caused by an out-of-bounds read in j2k_to_image tool. By using a specially-crafted JPEG2000 file, a remote attacker could exploit this vulnerability to cause the application to crash or possibly obtain sensitive information.
CVSS Base Score: 4.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/125136 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L)

CVEID: CVE-2016-9675**
DESCRIPTION:** OpenJPEG is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By using a specially-crafted jpeg2000 image file, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base Score: 8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120194 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)

Affected Products and Versions

PowerKVM 3.1

Remediation/Fixes

Customers can update PowerKVM systems by using “yum update”.

Fix images are made available via Fix Central. For version 3.1, see https://ibm.biz/BdHggw. This issue is addressed starting with v3.1.0.2 update 8.

Workarounds and Mitigations

none