SB2025020722 - Multiple vulnerabilities in IBM GCM16 & GCM32 and LCM8 & LCM16 KVM Switch Firmware
Published: February 7, 2025
Security Bulletin ID
SB2025020722
Severity
Medium
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2017-3738)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists due to buffer overflow in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. A remote attacker can cause the server to share the DH1024 private key among multiple clients and perform attack on TLS.
2) Information disclosure (CVE-ID: CVE-2016-0701)
The vulnerability allows a remote attacker to obtain potentially sensitive information.The vulnerability exists due to DH_check_pub_key() function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
3) Improper input validation (CVE-ID: CVE-2017-3737)
The vulnerability allows a remote attacker to gain access to potentially sensitive information on the target system.The weakness exists due to an "error state mechanism" when SSL_read() or SSL_write() is called directly after SSL object. A remote attacker can a specially crafted input, trigger a fatal error during a handshake and return it in the initial function call to access or modify sensitive information.
Remediation
Install update from vendor's website.