Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2599)

Published: 2020-01-23 13:08:20
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Summary:
The remote host is missing an update for the Huawei EulerOS 'kernel' Linux Distribution Package(s) announced via the EulerOS-SA-2019-2599 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says 'the Linux kernel is *not* affected, media hype.' (CVE-2014-4608)

A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allows local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds. (CVE-2015-3332)

An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. (CVE-2017-13168)

An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated. (CVE-2017-18551)

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187. (CVE-2017-18509)

An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. (CVE-2017-18595)

An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. (CVE-2018-14617)

An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on ...

Description truncated. Please see the references for more information.

Affected Versions:
'kernel' Linux Distribution Package(s) on Huawei EulerOS V2.0SP3.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2014-4608
https://nvd.nist.gov/vuln/detail/CVE-2014-5206
https://nvd.nist.gov/vuln/detail/CVE-2014-5207
https://nvd.nist.gov/vuln/detail/CVE-2015-1350
https://nvd.nist.gov/vuln/detail/CVE-2015-3332
https://nvd.nist.gov/vuln/detail/CVE-2015-8816
https://nvd.nist.gov/vuln/detail/CVE-2015-8844
https://nvd.nist.gov/vuln/detail/CVE-2015-8845
https://nvd.nist.gov/vuln/detail/CVE-2015-9289
https://nvd.nist.gov/vuln/detail/CVE-2016-2184
https://nvd.nist.gov/vuln/detail/CVE-2016-2185
https://nvd.nist.gov/vuln/detail/CVE-2016-2186
https://nvd.nist.gov/vuln/detail/CVE-2016-2187
https://nvd.nist.gov/vuln/detail/CVE-2016-2384
https://nvd.nist.gov/vuln/detail/CVE-2016-3138
https://nvd.nist.gov/vuln/detail/CVE-2016-3139
https://nvd.nist.gov/vuln/detail/CVE-2016-3140
https://nvd.nist.gov/vuln/detail/CVE-2016-3689
https://nvd.nist.gov/vuln/detail/CVE-2016-4569
https://nvd.nist.gov/vuln/detail/CVE-2016-4578
https://nvd.nist.gov/vuln/detail/CVE-2016-6130
https://nvd.nist.gov/vuln/detail/CVE-2016-6197
https://nvd.nist.gov/vuln/detail/CVE-2016-7425
https://nvd.nist.gov/vuln/detail/CVE-2017-1000253
https://nvd.nist.gov/vuln/detail/CVE-2017-1000379
https://nvd.nist.gov/vuln/detail/CVE-2017-13168
https://nvd.nist.gov/vuln/detail/CVE-2017-18509
https://nvd.nist.gov/vuln/detail/CVE-2017-18551
https://nvd.nist.gov/vuln/detail/CVE-2017-18595
https://nvd.nist.gov/vuln/detail/CVE-2017-5753
https://nvd.nist.gov/vuln/detail/CVE-2018-14617
https://nvd.nist.gov/vuln/detail/CVE-2019-0136
https://nvd.nist.gov/vuln/detail/CVE-2019-17075
https://nvd.nist.gov/vuln/detail/CVE-2019-17133
https://nvd.nist.gov/vuln/detail/CVE-2019-17666

References:

https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2599

Severity:
High

CVSS Score:
8.3
