SB2020012803 - Multiple vulnerabilities in F5 Traffix SDC

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper Check for Dropped Privileges (CVE-ID: CVE-2019-18276)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in "disable_priv_mode()" function in shell.c due to the affected software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded. A local user with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges.

2) Memory leak (CVE-ID: CVE-2019-19069)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the "fastrpc_dma_buf_attach()" function in "drivers/misc/fastrpc.c" file in the Linux kernel before 5.3.9 allows a local user to cause a denial of service (memory consumption) by triggering "dma_get_sgtable()" failures.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://support.f5.com/csp/article/K86221000
• https://support.f5.com/csp/article/K60130614