Multiple vulnerabilities in Dell CloudLink



Published: 2022-08-03
Risk High
Patch available YES
Number of vulnerabilities 15
CVE-ID CVE-2022-24903
CVE-2020-27820
CVE-2022-27223
CVE-2021-39713
CVE-2022-28390
CVE-2022-26490
CVE-2021-4157
CVE-2021-31871
CVE-2022-34380
CVE-2021-31873
CVE-2021-31872
CVE-2021-31870
CVE-2022-23219
CVE-2022-23218
CVE-2021-3999
CWE-ID CWE-122
CWE-416
CWE-129
CWE-254
CWE-415
CWE-119
CWE-190
CWE-288
CWE-193
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
CloudLink
Other software / Other software solutions

Vendor Dell

Security Bulletin

This security bulletin contains information about 15 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU62830

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-24903

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service or potentially execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when parsing data in imtcp, imptcp, imgssapi, and imhttp modules used for TCP syslog reception. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and cause a denial of service or potentially execute arbitrary code on the target system.

Successful exploitation of this vulnerability is possible if the attacker is able to directly send specially crafted messages to the rsyslog daemon or by injecting specially crafted data into log files. Vulnerability exploitation in the second scenario requires that the rsyslog client supports octet-counted framing, which is not a default configuration.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Use-after-free

EUVDB-ID: #VU63322

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-27820

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to a use-after-free error in nouveau's postclose() handler. A local user can send specially crafted data to the system and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper Validation of Array Index

EUVDB-ID: #VU63316

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-27223

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code with elevated privileges.

The vulnerability exists due to improper validation of array index in drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel. A remote attacker can send specially crafted data to the system and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Security features bypass

EUVDB-ID: #VU63350

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-39713

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to multiple issues in Qdisc implementation related to rcu read lock. A local application can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Double Free

EUVDB-ID: #VU63164

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-28390

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to boundary error in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c. A local user can pass specially crafted data to the application, trigger double free error and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Buffer overflow

EUVDB-ID: #VU62601

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26490

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the st21nfca_connectivity_event_received() function in drivers/nfc/st21nfca/se.c in Linux kernel. A local user can run a specially crafted program to trigger buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Buffer overflow

EUVDB-ID: #VU63323

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-4157

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the Linux kernel NFS subsystem. A remote attacker can create a specially crafted data and crash the system or escalate privileges on the system

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Integer overflow

EUVDB-ID: #VU62376

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-31871

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in the cpio command. A remote attacker can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU66016

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-34380

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass security restrictions.

The vulnerability exists due to a authentication bypass using an alternate path or channel. A high privileged local attacker may potentially exploit thisvulnerability leading to authentication bypass and access the CloudLink system console.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Integer overflow

EUVDB-ID: #VU62378

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-31873

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the malloc() function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Integer overflow

EUVDB-ID: #VU62377

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-31872

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the cpio command. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Integer overflow

EUVDB-ID: #VU62375

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-31870

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the calloc() function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Buffer overflow

EUVDB-ID: #VU61295

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-23219

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the clnt_create() function in the sunrpc module. A remote attacker can pass specially crafted input to the application that is using the affected library version, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Buffer overflow

EUVDB-ID: #VU61294

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-23218

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the svcunix_create() in the sunrpc module ib glibc. A remote attacker can pass specially crafted input to the application that is using the affected library version, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Off-by-one

EUVDB-ID: #VU61293

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-3999

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to an off-by-one error glibc getcwd() function. A remote attacker can pass specially crafted input to the application that is using the affected library version, trigger an off-by-one error and execute arbitrary code on the target system.


Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudLink: before 7.1.4


CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000202058/dsa-2022-210-dell-emc-cloudlink-security-update-for-multiple-security-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###