
Security Bulletin: Vulnerabilities in OpenSSL affect IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface (UEFI) (CVE-2015-1789 CVE-2015-1790 CVE-2015-1792)

Created by Sheila Hegeman on
Published URL:
https://www.ibm.com/support/pages/node/868458

Security Bulletin


Summary

OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface. IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface (UEFI) have addressed the applicable CVEs.

Vulnerability Details

CVE-ID: CVE-2015-1789

Description: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.

CVSS Base Score: 5
CVSS Temporal Score: See http://exchange.xforce.ibmcloud.com/vulnerabilities/103779 for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2015-1790

Description: OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.

CVSS Base Score: 5
CVSS Temporal Score: See http://exchange.xforce.ibmcloud.com/vulnerabilities/103780 for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2015-1792

Description: OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.

CVSS Base Score: 5
CVSS Temporal Score: See http://exchange.xforce.ibmcloud.com/vulnerabilities/103781 for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
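The three descriptions above share one root cause: a decoder that trusts the shape of attacker-supplied ASN.1 rather than checking it first. The following Python block is an added example, not OpenSSL's or IBM's code, showing the defensive pattern for the CVE-2015-1789 case: a DER time element is only decoded after its declared length has been checked against the buffer and its value has been checked against the fixed RFC 5280 layouts (13-byte UTCTime, 15-byte GeneralizedTime), so a short or truncated time string is rejected instead of being read past its end. The `read_tlv`, `parse_time` and `is_rejected` helper names and the sample byte strings are constructed for this example.

```python
"""Strict DER time decoding with explicit bounds checks.

Added example (not OpenSSL's or IBM's code). Shows the input-validation
pattern that prevents the class of bug behind CVE-2015-1789: the length of a
time string is verified before any byte of it is interpreted.
"""
from datetime import datetime, timezone

TAG_UTCTIME = 0x17
TAG_GENERALIZEDTIME = 0x18


class DERError(ValueError):
    """Raised for any malformed element; callers fail closed."""


def read_tlv(buf: bytes, offset: int = 0):
    """Return (tag, value, next_offset) for one DER element.

    Every read is preceded by a check that the bytes exist; a declared
    length that overruns the buffer is an error, not an out-of-bounds read.
    """
    if offset + 2 > len(buf):
        raise DERError("truncated header")
    tag = buf[offset]
    first = buf[offset + 1]
    pos = offset + 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            raise DERError("unsupported length encoding")
        if pos + n > len(buf):
            raise DERError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80:
            raise DERError("non-minimal length (not DER)")
        pos += n
    if pos + length > len(buf):
        raise DERError(f"declared length {length} exceeds buffer")
    return tag, buf[pos:pos + length], pos + length


def parse_time(tag: int, value: bytes) -> datetime:
    """Decode an RFC 5280 UTCTime (YYMMDDHHMMSSZ) or GeneralizedTime
    (YYYYMMDDHHMMSSZ). Length and character class are checked up front, so
    the slicing below can never run off the end of `value`."""
    if tag == TAG_UTCTIME:
        expected, year_digits = 13, 2
    elif tag == TAG_GENERALIZEDTIME:
        expected, year_digits = 15, 4
    else:
        raise DERError(f"tag 0x{tag:02x} is not a time type")
    if len(value) != expected:
        raise DERError(f"time string length {len(value)}, expected {expected}")
    if value[-1:] != b"Z" or not value[:-1].isdigit():
        raise DERError("time string is not digits followed by 'Z'")
    digits = value[:-1].decode("ascii")
    year = int(digits[:year_digits])
    if year_digits == 2:  # RFC 5280 pivot: 50-99 -> 19xx, 00-49 -> 20xx
        year += 1900 if year >= 50 else 2000
    rest = digits[year_digits:]
    month, day, hour, minute, second = (int(rest[i:i + 2]) for i in range(0, 10, 2))
    try:
        return datetime(year, month, day, hour, minute, second, tzinfo=timezone.utc)
    except ValueError as e:
        raise DERError(f"invalid calendar value: {e}") from e


def decode_time_element(buf: bytes) -> datetime:
    """Decode a single DER-encoded time element from the start of `buf`."""
    tag, value, _ = read_tlv(buf)
    return parse_time(tag, value)


def is_rejected(buf: bytes) -> bool:
    """True if the element is refused by the strict decoder."""
    try:
        decode_time_element(buf)
    except DERError:
        return True
    return False


# Constructed sample inputs (not taken from any real certificate).
GOOD_UTC = b"\x17\x0d" + b"150611120000Z"   # 2015-06-11 12:00:00Z, well formed
GOOD_GEN = b"\x18\x0f" + b"20160411000000Z"  # 2016-04-11 00:00:00Z, well formed
SHORT_UTC = b"\x17\x05" + b"1506Z"           # value too short for UTCTime
OVERRUN = b"\x17\x0d" + b"1506"              # claims 13 bytes, only 4 present

if __name__ == "__main__":
    print(decode_time_element(GOOD_UTC))
    print(decode_time_element(GOOD_GEN))
    for bad in (SHORT_UTC, OVERRUN):
        try:
            decode_time_element(bad)
        except DERError as e:
            print("rejected:", e)
```

The two checks that matter are the `pos + length > len(buf)` test in `read_tlv` and the `len(value) != expected` test in `parse_time`; together they guarantee that every index used later is inside the data actually received.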

Affected Products and Versions

System                                       Machine Type             Affected Version
BladeCenter HS23                             7875/1929                tke148b-1.80
BladeCenter HS23E                            8038/8039                ahe148a-2.20
Flex System x220                             7906/2585                kse146a-1.70
Flex x222                                    7916                     cce1146d-1.30
Flex System x240                             8737/8738/7863/8956      b2e150e-1.70
Flex System x440                             7917                     cne148b-1.60
NeXtScale nx360 M4                           5455                     fhe112a-1.50
System x280, x480, x880 X6                   7903                     n2e114c-1.10
System x3100 M5                              5457                     j9e120e-1.20
System x3250 M5                              5458                     jue120e-1.20
System x3300 M4                              7382                     yae144a-1.50
System x3500 M4                              7383                     y5e144c-1.92
System x3550 M4                              7914                     d7e148b-1.91
System x3630 M4                              7158/7160                bee148b-2.21
System x3650 M4 BD                           5466                     yoe108c-1.30
System x3650 M4                              7915                     vve146a-2.00
System x3750 M4                              8722/8752/8733/8718      koe148c-1.70
System x3850 X6 (4S), System x3950 X6 (8S)   3837/3839, 3839          a8e116c-1.10
System x iDataPlex dx360 M4                  7912                     tde146a-1.70

Remediation/Fixes:

It is recommended to update to the firmware level listed below, or a later version. Firmware updates are available through IBM Fix Central: http://www.ibm.com/support/fixcentral/.

You should verify that applying this fix does not cause any compatibility issues.

TIP: To locate UEFI fix versions on Fix Central search on the version prefix, such as "b2e1," "fhe1," or "koe1."

System                                       Machine Type             Fixed Version
BladeCenter HS23                             7875/1929                tke150b-1.90
BladeCenter HS23E                            8038/8039                ahe150b-2.31
Flex System x220                             7906/2585                kse148b-1.81
Flex x222                                    7916                     cce150b-1.50
Flex System x240                             8737/8738/7863/8956      b2e152c-1.80
Flex System x440                             7917                     cne150b-1.70
NeXtScale nx360 M4                           5455                     fhe114c-1.60
System x280, x480, x880 X6                   7903                     n2e116c-1.20
System x3100 M5                              5457                     j9e122d-1.30
System x3250 M5                              5458                     jue122d-1.30
System x3300 M4                              7382                     yae146b-1.60
System x3500 M4                              7383                     y5e146b-2.01
System x3550 M4                              7914                     d7e150c-2.02
System x3630 M4                              7158/7160                bee150b-2.31
System x3650 M4 BD                           5466                     yoe110b-1.40
System x3650 M4                              7915                     vve148b-2.11
System x3750 M4                              8722/8752/8733/8718      koe150b-1.80
System x3850 X6 (4S), System x3950 X6 (8S)   3837/3839, 3839          a8e118d-1.21
System x iDataPlex dx360 M4                  7912                     tde148b-1.81

Note: A fix for CVE-2014-8176 was provided in OpenSSL versions 0.9.8za, 1.0.0m, and 1.0.1h.
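Deciding whether a fleet still needs this update means comparing each installed UEFI build level with the fixed level for its system family. The Python block below is an added example and not an IBM tool; the fixed levels are copied from the Remediation table above. It relies on assumptions the bulletin does not state: that a build string has the form prefix + three-digit build + revision letter + "-" + major.minor (for example b2e152c-1.80), that the three-character prefix identifies the system family (the TIP above searches Fix Central on that prefix), and that a level is fixed when its prefix matches and its major.minor is at or above the fixed level's. The function names, the sample hostnames and the "later than fixed" level in the sample inventory are constructed.

```python
"""Compare installed IBM UEFI build levels with the fixed levels in this
bulletin.

Added example, not an IBM tool. Assumed (not stated by the bulletin): a level
is <prefix><build><rev>-<major>.<minor>; the prefix identifies the family; a
level is fixed when the prefix matches and (major, minor) >= fixed.
"""
import re

BUILD_RE = re.compile(r"^([a-z0-9]{3})(\d{3})([a-z])-(\d+)\.(\d+)$")

# Fixed levels from the bulletin's Remediation table, keyed by build prefix.
FIXED_LEVELS = {
    "tke": "tke150b-1.90",  # BladeCenter HS23
    "ahe": "ahe150b-2.31",  # BladeCenter HS23E
    "kse": "kse148b-1.81",  # Flex System x220
    "cce": "cce150b-1.50",  # Flex x222
    "b2e": "b2e152c-1.80",  # Flex System x240
    "cne": "cne150b-1.70",  # Flex System x440
    "fhe": "fhe114c-1.60",  # NeXtScale nx360 M4 (bulletin prints fhe114c01.60)
    "n2e": "n2e116c-1.20",  # System x280/x480/x880 X6
    "j9e": "j9e122d-1.30",  # System x3100 M5
    "jue": "jue122d-1.30",  # System x3250 M5
    "yae": "yae146b-1.60",  # System x3300 M4
    "y5e": "y5e146b-2.01",  # System x3500 M4
    "d7e": "d7e150c-2.02",  # System x3550 M4
    "bee": "bee150b-2.31",  # System x3630 M4
    "yoe": "yoe110b-1.40",  # System x3650 M4 BD
    "vve": "vve148b-2.11",  # System x3650 M4
    "koe": "koe150b-1.80",  # System x3750 M4
    "a8e": "a8e118d-1.21",  # System x3850 X6 / x3950 X6
    "tde": "tde148b-1.81",  # System x iDataPlex dx360 M4
}


def parse_build(level: str):
    """Split a level into (prefix, build number, revision, (major, minor))."""
    m = BUILD_RE.match(level.strip().lower())
    if not m:
        raise ValueError(f"unrecognised UEFI build string: {level!r}")
    prefix, build, rev, major, minor = m.groups()
    return prefix, int(build), rev, (int(major), int(minor))


def status(installed: str) -> str:
    """Return 'fixed', 'affected' or 'unknown' for one installed level.

    'unknown' covers both unparseable strings and families this bulletin
    does not list; treat it as needing manual review, not as safe.
    """
    try:
        prefix, _, _, version = parse_build(installed)
    except ValueError:
        return "unknown"
    fixed = FIXED_LEVELS.get(prefix)
    if fixed is None:
        return "unknown"
    _, _, _, fixed_version = parse_build(fixed)
    return "fixed" if version >= fixed_version else "affected"


def check_inventory(inventory: dict) -> dict:
    """inventory maps host -> installed level; returns host -> (level, status)."""
    return {host: (level, status(level)) for host, level in inventory.items()}


# Constructed sample inventory: hostnames are made up; the vve150a-2.20 level
# is an assumed future build, not one listed in the bulletin.
SAMPLE_INVENTORY = {
    "blade-01": "tke148b-1.80",      # affected level from the bulletin
    "flex-x240-07": "b2e152c-1.80",  # exactly the fixed level
    "x3650-db2": "vve150a-2.20",     # later than the fixed level
    "x3850-erp": "A8E116C-1.10",     # case differs; still parsed
    "mystery": "zzz100a-1.00",       # family not covered by this bulletin
}

if __name__ == "__main__":
    for host, (level, st) in sorted(check_inventory(SAMPLE_INVENTORY).items()):
        print(f"{host:14} {level:16} {st}")
```

Anything reported as "unknown" should be checked by hand against Fix Central rather than assumed fixed, since the comparison only covers the families and the build-string format this bulletin uses.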

Workarounds and Mitigations:

None.

References:

Related Information:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Acknowledgement

None.

Change History
11 April 2016: Original version published

* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Document Location

Worldwide

Operating System

System x:All operating systems listed

BladeCenter:Operating system independent / None

PureFlex System and Flex System:All operating systems listed


Document Information

Modified date:
30 January 2019

UID

ibm1MIGR-5099214