Security Bulletin
Summary
PowerKVM is affected by several Linux Kernel vulnerabilities (multiple CVEs) .
Vulnerability Details
CVEID: CVE-2015-2041
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by an information leak in llc2_timeout_table. An attacker could exploit this vulnerability to leak kernel memory to user space.
CVSS Base Score: 1.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101026 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVEID: CVE-2015-2042
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by an information leak in rds_sysctl_rds_table. An attacker could exploit this vulnerability to leak kernel memory to user space.
CVSS Base Score: 1.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101027 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVEID: CVE-2015-3339
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a race condition between the chown() and execve() system calls. When changing the owner of a setuid-user binary to root, an attacker could exploit this vulnerability to gain root privileges on the system.
CVSS Base Score: 7.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102618 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVEID: CVE-2015-2922
DESCRIPTION: Linux Kernel, built with the IPv6 networking support(CONFIG_IPV6), is vulnerable to a denial of service, caused by the improper handling of Router Advertisements. A remote attacker from within the local network could exploit this vulnerability to set the hop_limit too low and cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102058 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2014-9710
DESCRIPTION: Linux Kernel, built with the Btrfs Filesystem support(CONFIG_BTRFS_FS), could allow a local attacker to gain elevated privileges on the system, caused by a race condition in the non-atomic xattr replace operation. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CVSS Base Score: 4.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101789 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-3332
DESCRIPTION: Linux Kernel, built with the IPv4 networking support(CONFIG_NET), is vulnerable to a denial of service, caused by an error while using TCP Fast open option when initiating a network connection. A local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102619 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
CVEID: CVE-2014-9715
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the use of an insufficient large data type for certain extension data by the nf_conntrack_extend.h in the netfilter subsystem. An attacker could exploit this vulnerability using outbound network traffic to cause a OOPS and a NULL pointer dereference.
CVSS Base Score: 4.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103522 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVEID: CVE-2014-9420
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the failure to restrict the number of Rock Ridge continuation entries by the rock.c. A local attacker could exploit this vulnerability using a specially-crafted iso9660 image to cause the application to enter into an infinite loop.
CVSS Base Score: 4.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/99588 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVEID: CVE-2015-1805
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a memory corruption error in the pipe_iov_copy_from_user() and pipe_iov_copy_to_user() functions. An attacker could exploit this vulnerability to execute arbitrary commands on the system with root privileges.
CVSS Base Score: 7.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103584 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Affected Products and Versions
PowerKVM 2.1
Remediation/Fixes
Fix is made available via Fix Central (https://ibm.biz/BdEnT8) in 2.1.1 build 58 and all later builds and fix packs. For systems currently running fix levels of PowerKVM prior to 2.1.1, please see http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README for prerequisite fixes and instructions. Customers can also update from 2.1.1 (GA and later levels) by using "yum update".
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
Change History
9 July 2015 - Initial version
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
isg3T1022487