Lucene search

K
ibmIBMFF196C203FBE7855B209E778D969F9CB477E5AC6AB3BD028DDAA44EFCD8D3685
HistoryFeb 18, 2023 - 1:45 a.m.

Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem 840 and 900

2023-02-1801:45:50
www.ibm.com
21
ibm flashsystem
linux kernel
vulnerabilities
denial of service
sensitive information
code fix

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.954

Percentile

99.4%

Summary

There are vulnerabilities in the Linux kernel to which the IBM FlashSystem™ 840 and FlashSystem 900 are susceptible (CVE-2017-18017 and CVE-2017-17449). An exploit of CVE-2017-18017 could allow a remote attacker to cause a denial of service condition. An exploit of CVE-2017-17449 could allow an attacker to obtain sensitive information.

Vulnerability Details

CVEID: CVE-2017-18017 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c. By leveraging the presence of xt_TCPMSS in an iptables action, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137122&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-17449 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by the failure to restrict observations of Netlink messages to a single net namespace when CONFIG_NLMON is enabled in the __netlink_deliver_tap_skb function in net/netlink/af_netlink.c. By leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136106&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

FlashSystem 840 machine type and models (MTMs) affected include 9840-AE1 and 9843-AE1.
FlashSystem 900 MTMs affected include 9843-UF3, 9840-AE2, 9843-AE2, 9840-AE3, and 9843-AE3.

Supported code versions which are affected

  • VRMFs prior to 1.4.8.2
  • VRMFs prior to 1.5.2.5
  • VRMFs prior to 1.6.1.0

Remediation/Fixes

MTMs

| VRMF | APAR | Remediation/First Fix
—|—|—|—
FlashSystem****840 MTM:
9840-AE1 &9843-AE1

**FlashSystem 900 MTMs:**9843-UF3, 9840-AE2, 9843-AE2, 9840-AE3, & 9843-AE3 |

Code fixes are now available, the minimum VRMF containing the fix depends on the code stream:_ _
__Fixed Code VRMF __
1.6 stream: 1.6.1.0

1.5 stream: 1.5.2.5

1.4 stream: 1.4.8.2

| N/A | FlashSystem 840 fixesand FlashSystem 900 fixes****are available @ IBM’s Fix Central

Workarounds and Mitigations

Upgrade to a remediated code level.

Affected configurations

Vulners
Node
ibmflashsystem_900Matchany
OR
ibmflashsystem_900Matchany

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.954

Percentile

99.4%