IBM Support

Security Bulletin: Vulnerabilities in glusterfs affect PowerKVM

Created by Scott Garfinkle on
Published URL:
https://www.ibm.com/support/pages/node/735389
735389

Security Bulletin


Summary

PowerKVM is affected by vulnerabilities in glusterfs. IBM has now addressed these vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-10913
DESCRIPTION: glusterfs could allow a remote attacker to obtain sensitive information, caused by improper handling of xattr request. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to determine the existence of arbitrary files on the system.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149299 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2018-10911
DESCRIPTION: glusterfs could allow a remote authenticated attacker to obtain sensitive information, caused by improper handling of negative key length values in the dict.c:dict_unserialize function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to read memory from other locations into the stored dict value.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149298 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-10907
DESCRIPTION: glusterfs is vulnerable to a denial of service, caused by multiple stack-based buffer overflow in unctions in server-rpc-fopc.c. By mounting a gluster volume and sending specially-crafted data, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition or execute arbitrary code on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149297 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-10928
DESCRIPTION: glusterfs could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper validation of RPC request using gfs3_symlink_req function. By sending a specially-crafted request, an attacker could exploit this vulnerability to create arbitrary symlinks and execute arbitrary code on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149305 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-10927
DESCRIPTION: glusterfs could allow a remote authenticated attacker to obtain sensitive information, caused by improper validation of RPC request in gfs3_lookup_req function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information and cause a denial of service condition.
CVSS Base Score: 8.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149304 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)

CVEID: CVE-2018-10926
DESCRIPTION: glusterfs could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in RPC request using gfs3_mknod_req function. By sending a specially-crafted request, an attacker could exploit this vulnerability to create files and execute arbitrary code on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149303 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-10923
DESCRIPTION: glusterfs could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the mknod call derived from mknod(2). By creating arbitrary devices on a glusterfs server node, an attacker could exploit this vulnerability to read arbitrary data from the attached device.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149301 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-10914
DESCRIPTION: glusterfs is vulnerable to a denial of service, caused by improper validation of xattr request. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to crash multiple bricks and gluster volumes.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149300 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-10930
DESCRIPTION: glusterfs ould allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of RPC request using gfs3_rename_req function. By sending a specially-crafted request, an attacker could exploit this vulnerability to write to a destination outside the gluster volume.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149307 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2018-10929
DESCRIPTION: glusterfs could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper validation of RPC request using gfs2_create_req function. By sending a specially-crafted request, an attacker could exploit this vulnerability to create files and execute arbitrary code on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149306 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-10904
DESCRIPTION: glusterfs could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper validation of file paths in the trusted.io-stats-dump extended attribute. By sending a specially-crafted request, an attacker could exploit this vulnerability to create files and execute arbitrary code on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/149295 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

PowerKVM 3.1

Remediation/Fixes

Customers can update PowerKVM systems by using "yum update".

Fix images are made available via Fix Central. For version 3.1, see https://ibm.biz/BdHggw. This issue is addressed starting with v3.1.0.2 update 16.

Workarounds and Mitigations

none

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide
On-line Calculator v3

Off

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

28 September 2018 - Initial Version

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSZJY4","label":"PowerKVM"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"3.1","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Document Information

Modified date:
17 December 2018

UID

ibm10735389

Page Feedback