IBM Support

Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus

Security Bulletin


Summary

There are multiple security vulnerabilities in the Linux Kernel that affect IBM Spectrum Protect Plus.

Vulnerability Details

CVEID:   CVE-2019-19532
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by multiple out-of-bound write conditions in HID drivers.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172610 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

CVEID:   CVE-2019-19529
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/net/can/usb/mcba_usb.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172526 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-19530
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/usb/class/cdc-acm.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172527 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-19526
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/nfc/pn533/usb.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172523 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-19531
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/usb/misc/yurex.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172528 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-19524
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/input/ff-memless.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172521 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-19537
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition in drivers/usb/core/file.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause the system to stop responding.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172608 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-19527
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/hid/usbhid/hiddev.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172524 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18811
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the sof_set_get_large_ctrl_data function in sound/soc/sof/ipc.c. By triggering sof_get_ctrl_copy_params() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171184 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18810
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the komeda_wb_connector_add function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c. By triggering drm_writeback_connector_init() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171183 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18813
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the dwc3_pci_probe function in drivers/usb/dwc3/dwc3-pci.c. By triggering platform_device_add_properties() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171186 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18812
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the sof_dfsentry_write function in sound/soc/sof/debug.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171185 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18808
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the ccp_run_sha_cmd function in drivers/crypto/ccp/ccp-ops.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171181 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18807
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by two memory leaks in the sja1105_static_config_upload function in drivers/net/dsa/sja1105/sja1105_spi.c. By triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171180 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18809
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the af9005_identify_state function in drivers/media/usb/dvb-usb/af9005.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171182 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18814
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the aa_audit_rule_init function in security/apparmor/audit.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171187 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-18806
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the ql_alloc_large_buffers function in drivers/net/ethernet/qlogic/qla3xxx.c. By triggering pci_dma_mapping_error() failures, a local authenticated attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171179 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2020-8428
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in may_create_in_sticky. By executing a specially-crafted program, a local attacker could exploit this vulnerability to cause the system to crash, or possibly leak information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175359 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H)

CVEID:   CVE-2019-16714
DESCRIPTION:   Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the failure to initialize the tos and flags fields in the rds6_inc_info_copy function in net/rds/recv.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information from the kernel stack memory.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167373 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2019-10639
DESCRIPTION:   Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the use of a weak function to generate IP packet IDs. By sniffing the network, an attacker could exploit this vulnerability to obtain hash collisions information to derive the hashing key.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167414 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2019-15538
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a flaw in xfs_setattr_nonsize in fs/xfs/xfs_iops.c. By sending a specially-crafted system call, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165865 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2019-18198
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a reference count usage error in the fib6_rule_suppress function in the fib6 suppression feature of net/ipv6/fib6_rules.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to corrupt the memory resulting in a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/169685 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-15505
DESCRIPTION:   Linux Kernel could allow a physical attacker to obtain sensitive information, caused by an out-of-bounds read flaw in technisat-usb2.c. By using a specially-crafted USB device, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165745 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)

CVEID:   CVE-2019-15504
DESCRIPTION:   Linux Kernel could allow a physical attacker to execute arbitrary code on the system, caused by a double free flaw in rsi_91x_usb.c. By using a specially-crafted USB device, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165744 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2019-15902
DESCRIPTION:   Linux Kernel could provide weaker than expected security, caused by a backporting error. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/166561 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2019-19602
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory corruption in fpregs_state_valid in arch/x86/include/asm/fpu/internal.h. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172692 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2019-14898
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition in between mmget_not_zero()/get_task_mm() and core dumping. By using a specially-crafted system call, a local authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive information.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175727 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H)

CVEID:   CVE-2019-18282
DESCRIPTION:   Linux Kernel could allow a local attacker to obtain sensitive information, caused by a device tracking vulnerability in flow_dissector feature. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174716 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s)Version(s)
IBM Spectrum Protect Plus10.1.0-10.1.5

Remediation/Fixes

Spectrum Protect
Plus Release
First Fixing
VRM Level
PlatformLink to Fix
      10.110.1.5 patch1Linuxhttp://www.ibm.com/support/docview.wss?uid=ibm11072392

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

21 February 2020: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Document Location

Worldwide

[{"Business Unit":{"code":"BU010","label":"Systems - Storage"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.1","Edition":""}]

Document Information

Modified date:
21 February 2020

UID

ibm13177579