SB20230418193 - Multiple vulnerabilities in IBM Integrated Management Module II (IMM2) for System x, BladeCenter and Flex Systems

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2015-1472)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.

2) Input validation error (CVE-ID: CVE-2013-7423)

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.

3) Input validation error (CVE-ID: CVE-2014-7817)

The vulnerability allows a local user to read and manipulate data.

The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".

4) Infinite loop (CVE-ID: CVE-2014-9402)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the nss_dns implementation of getnetbyname due to infinite loop when the DNS backend in the Name Service Switch configuration is enabled. A remote attacker can send a positive answer while a network name is being process and cause the service to crash.

Remediation

Install update from vendor's website.

References

• https://www.ibm.com/support/pages/node/868446