CVE :

Transcription

1 Component: Kernel CVSS Score: 6.2 CVE : The Linux kernel before allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. Impacted - Fixed in 6.7R12 Impacted - Fixed in 4.1R2 Brocade Virtual Traffic Traffic (STM)) Impacted - This issue is present, but the firmware is not vulnerable as a user is unable to call sendmsg() from CLI or from a script. Impacted - This issue is present, but the firmware is not vulnerable as a user is unable to call sendmsg() from CLI or from a script. Impacted - Affects some Linux tools using local socket as pipe, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Fixed in 2.4. Upgrade to kernel. Page 1

2 Component: Glibc CVSS Score: 5.0 CVE : DB_LOOKUP in nss_files/files-xxx.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up while the database is iterated over the database, which triggers the file pointer to be reset. Brocade Virtual Traffic Traffic (STM)) Impacted - Fixed in 6.7R11. Impacted - Fixed in 4.2R1. Under investigation Under investigation Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. We should advise customers to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - Both Services Director VA and Services Director Instance Host VA are affected. We are awaiting upstream fixes from Redhat and Ubuntu. Page 2

3 Component: PCRE CVSS Score: 7.3 CVE : pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset. Brocade Virtual Traffic Traffic (STM)) Impacted - Fixed in 6.71R12. Impacted - Fixed in 4.2R1. Impacted Affects some Linux tools using PCRE library, but not vadx software. Customers are advised to use Linux tools with caution. Page 3

4 Component: Glibc CVSS Score: 6.8 CVE : Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.21R1. Under investigation Under investigation Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - Customer should update the OS according to their vendors recommendation. Page 4

5 Component: OpenSSL CVSS Score: 4.0 CVE : Brocade Virtual Traffic Traffic (STM)) Page 5

6 Component: Apache CVSS Score: 7.5 CVE : This issue affects the Apache commons-collections library as shipped with Fuse and A-MQ However, this flaw is not known to be exploitable under supported scenarios in these product versions, and so has been assigned an impact of Important for these products and their respective errata. Brocade Virtual Traffic Traffic (STM)) Impacted - Affects some Linux tools like Apache commonscollections library, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Fixed in BNA Impacted - Fixed in BNA Impacted - Fixed in BNA Page 6

7 Component: NTP CVSS Score: 6.4 CVE : Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted - Fixed in 4.1R1. Impacted - Brocade vtm software customers are not affected. Brocade vtm appliance customers should upgrade to version 10.2r1 or later. Alternatively, for customers using the 9.9 LTS release, the fix is included in 9.9r1. Page 7

8 Component: NTP CVSS Score: 6.4 CVE : Brocade Virtual Traffic Traffic (STM)) Impacted - Fixed in 6.7R12. Impacted - Fixed with 4.1R1. Impacted - Brocade vtm software customers are not affected. Brocade vtm appliance customers should upgrade to version 10.2r1 or later. Alternatively, for customers using the 9.9 LTS release, the fix is included in 9.9r1. Page 8

9 Component: Kernel CVSS Score: 7.5 CVE : net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted Fixed in 4.2R1. Impacted - Affects some Linux tools SCTP, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software releases do not contain the vulnerability. Brocade vtm appliances include the vulnerability. This issue is only exposed locally to services running on the appliance; if administrators have installed software onto the appliance that they doubt the integrity of, then they should consider disabling/removing that software as a workaround to this local vulnerability. Page 9

10 Component: Glibc CVSS Score: 9.1 CVE : The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an outof-range time value. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.2R1. Impacted - This issue is present in the GLIBC used, but the firmware is not vulnerable as the values are always verified before calling strftime. Impacted - This issue is present in the GLIBC used, but the firmware is not vulnerable as the values are always verified before calling strftime. Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - A release containing a fix for this is pending, awaiting a fix from our upstream OS vendors. Page 10

11 Component: Glibc CVSS Score: 5.5 CVE : The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.2R1. Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - Ensure local access to the Services Director is restricted as far as possible. A release containing the fix for this is TBC. Page 11

12 Component: Glibc CVSS Score: 9.8 CVE : Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the hcreate_r function, which triggers out-of-bounds heap-memory access. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.1R3. Impacted - This issue is present in the GLIBC used, but firmware is not vulnerable as the code does not ever call hcreate or hcreate_r. Impacted - This issue is present in the GLIBC used, but firmware is not vulnerable as the code does not ever call hcreate or hcreate_r. Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - A release containing a fix for this is pending, awaiting a fix from our upstream OS vendors. Page 12

13 Component: Glibc CVSS Score: 9.8 CVE : Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.2R1. Impacted - This issue is present, but the firmware is not vulnerable as the code does not ever use the catopen function. Impacted - This issue is present, but the firmware is not vulnerable as the code does not ever use the catopen function. Impacted - Affects some Linux tools, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - - A release containing the fix for Brocade Services Director is TBC. Page 13

14 Component: Kernel CVSS Score: 6.8 CVE : The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted Fixed in 4.2R1. Impacted Fixed in FI Impacted - Affects some Linux tools using USB hub driver, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. Brocade vtm appliance customers should upgrade to version 10.3r1 or later. For customers using the 9.9 LTS releases, a fix will be included in the next r- release (9.9r2). Impacted - The workaround is simply to not attach and detach USB hubs from Services Director VAs (there is no reason why this would be necessary for operation of the VAs). Page 14

15 Component: Kernel CVSS Score: 7.8 CVE : Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE regression. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted Fixed in 4.2R1. Impacted - Affects some Linux tools using USB hub driver, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - We are awaiting upstream fixes for this vulnerability from our OS vendors. Page 15

16 Component: Glibc CVSS Score: 7.5 CVE : Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R13. Impacted Fixed in 5.0R1. Under investigation Impacted - Affects some Linux tools suffering GLOB_ALTDIRFUNC with incorrect NAME_MAX limit, but not VADX software. Customers are advised to use Linux tools with caution. Under investigation Services Director VA and Services Director Instance Host VA both contain affected versions of eglibc. No fix is available currently (we await upstream fixes from Red Hat and Ubuntu). Page 16

17 Disclaimer THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. Document Revision Changes 1.0 Initial Publication 2.0 Updated to address 5400 vrouter, 5600 vrouter, NI, SD, SDN Controller, and vtm Page 17